In the fastest-performing integer factoring algorithms, one creates a sequence
of integers (in a pseudo-random way) and wishes to rapidly determine
a subsequence whose product is a square. In 1994 Pomerance stated
the following problem which encapsulates all of the key issues: Select integers
\( a_1, a_2, \ldots \) at random from the interval \( [1, x]\) , until some (non-empty)
subsequence has product equal to a square. Find a good estimate for the
expected stopping time of this process. A good solution should allow one to
determine the optimal choice of parameters in many factoring algorithms.
Pomerance (1994), using an idea of Schroeppel (1985), showed that with
probability \( 1 - o(1)\) the first subsequence whose product equals a square
occurs after at least \( J_0^{1-o(1)}\)
integers have been selected, but no more than
\( J_0\), for an appropriate (explicitly determined) \( J_0 = J_0(x)\) . We tighten
Pomerance?s interval to
\( [(\pi/4)(e^{-\gamma}-o(1)) J_0, (e^{-\gamma}+o(1)) J_0]\) ,
where \( \gamma\) is the Euler-Mascheroni constant, and believe that the
correct interval is \( [ (e^{-\gamma}-o(1)) J_0, (e^{-\gamma}+o(1)) J_0]\) , a "sharp threshold". In
our proof we confirm the well-established belief that, typically, none of the
integers in the square product have large prime factors.
The heart of the proof of our upper bound lies in delicate calculations in
probabilistic graph theory, supported by comparative estimates on smooth
numbers using precise information on saddle points.
Article