Elliptic-Curve Factorization and Witnesses

We define the EC (Elliptic Curve)-based factorization witnesses and prove related results within both conditional and unconditional approaches. We present experimental computations that support the conjecture of behavior of related admissible elliptic curves in relation to the deterministic complexity of suitable factoring algorithms based on the parameters of the witnesses. This paper features three main results devoted to the factorization of RSA numbers N = pq, where q > p. The first result of computational complexity of elliptic curve factorization is improved by the factor D-sigma, comparing to previously known result O(D2+o(1)), where D is smoothness bound, assuming additional knowledge of the admissible elliptic curve. The second result demonstrates the feasibility of achieving factorization in deterministic, polynomial time, based on knowledge obtained at a specific step in the elliptic curve method (ECM), a feat previously considered impossible. The third result establishes deterministic time for conditional factorization using the elliptic version of Fermat method. It has the magnitude order (logN)(O(1)) (1+(|a(p) |+| a(q)|/D)(2)), provided q/p << 1. Here a(p), a(q) are the Frobenius traces of the corresponding curves (E(F-p), E(F-q)), and D indicates the approximation of the quotient p/q by the quotient a(p)/a(q), assuming that the order of the group of points over a pseudo elliptic curve E(Z(N)) is known.