Kraitchik-Fermat Integer Factorization Interactive Tool

Integer to factor:
Smoothing limit:
Swing limit: ±

Kraitchick's Integer Factorization Method
Perfect square?
Residues
x
Q(x)
Sum of terms	Factors	Factorization vector

How It Works
(1) Let N be a composite number, defined as: where each p and q is prime and may be equal to any other p or q. Each factor is arbitrarily assigned to p or q.	N = p₁ · p₂ · p₃ · ... · p_m · q₁ · q₂ · q₃ · ... · q_n
(2) If for N, we find u and v such that u² ≡ v² (mod N):	Then, u² - v² ≡ 0 (mod N) (u + v) · (u - v) ≡ 0 (mod N), and (u + v) · (u - v) = k₁ · k₂ · N for some integers 1 ≤ k₁ < k₂
(3) From (1) and (2),	(u + v) · (u - v) = k₁ · k₂ · p₁ · p₂ · p₃ · ... · p_m · q₁ · q₂ · q₃ · ... · q_n
(4) If (u + v) [ or (u - v)] = k₁ · k₂, then (u - v) [or (u + v)] = N, and determination of u and v will not yield a useful result. If u ≡ ±v (mod N), then (u + v) and (u - v) ≡ 0 (mod N) and determination of u and v will not yield a useful result.
(5) If (u + v) = k₁ · p₁ · p₂ · p₃ · ... · p_m, and (u - v) = k₂ · q₁ · q₂ · q₃ · ... · q_n (or vice versa), then	N ∤ (u + v) N ∤ (u - v) But gcd(u+v, N) = p₁ · p₂ · p₃ ... · p_m And gcd(u-v, N) = q₁ · q₂ · q₃ ... · q_n Which are factors of N
Algorithm Implementation
Starting at the integer portion of √N, run through x₀ = √N, x₁ = √N+1, x₂ = √N+2, ...
For each, x_i, calculate Q(x_i) = x_i² - N	Then x_i² ≡ Q(x_i) (mod N) By the Modular Multiplication Rule, x_i² (mod N) · x_j² (mod N) ≡ x_i² · x_j² ≡ Q(x_i) · Q(x_j) (mod N)
Define a factor base consisting of -1 and small primes up to a designated smoothing limit (F = {-1, 2, 3, 5, 7, 11 ...})
Factor each Q(x_i) by each member of F: where R_i is the residual integer after all members of the factor base have been applied.	Q(x_i) = -1^a_i0 · 2^a_i1 · 3^a_i2 · 5^a_i3 · ... · R_i
Discard all Q(x_i) where R_i > 1 Save each remaining {a_i} as an exponent vector corresponding to x_i, Q(x_i)
Find a subset, j, of Q(x_i) where the sum of each exponent vector term is even. The product of those Q(x_j), having all even exponents, is a perfect square
We can now set u² = [x_j1 · x_j2 · x_j3 · ... ]², and v² = Q(x_j1) · Q(x_j2) · Q(x_j3) · ...
Solving for u and v, then (u+v) and (u-v), then gcd(u+v, N) and gcd(u-v, N) provides factors for N, which may or may not be trivial
If the product of a subset of Q(x), Q_i1 · Q_i2 · Q_i3 · ... = Q²_tot(x) is a square, then (x_i1 · x_i2 · x_i3 · ...)² = Q²_tot(x) (mod N)