Talk:Tonelli–Shanks algorithm

Mathematics Start‑class Low‑priority

This article is within the scope of WikiProject Mathematics, a collaborative effort to improve the coverage of mathematics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.MathematicsWikipedia:WikiProject MathematicsTemplate:WikiProject Mathematicsmathematics Start This article has been rated as Start-class on Wikipedia's content assessment scale. Low This article has been rated as Low-priority on the project's priority scale.

It is written that in the special case where p equals 3 modulo 4, then the solution is simply:

${\displaystyle n^{(p+1)/4}}$

I don't get why. Is it supposed to be obvious? --Grondilu (talk) 14:01, 20 June 2012 (UTC)[reply]

Yes. Square it, and apply Euler's criterion.—Emil J. 14:41, 20 June 2012 (UTC)[reply]

Alberto Tonelli needs a enwiki translation. He has an article on the itwiki, a small one that doesn't mention he first came up with the important Tonelli-Shanks modular square root algorithm. There are three algorithms to take a modular square root and Tonelli's is as good as any of them. It's actually a rather important algorithm, since public key cryptography uses modular arithmetic. Endo999 (talk) 02:13, 28 August 2017 (UTC)[reply]

I'm not a professional mathematician but I just read Dickson's "History of Numbers" ^[1] where it says on page 215-216 that

A. Tonelli^[2] gave an explicit formula for the roots of ${\displaystyle x^{2}=c({\bmod {p^{\lambda }}})}$

Perhaps some mathematician should work out if the Tonelli algorithm takes modular square roots for powers of primes as well as for primes This Wiki article says the algorithm only works for prime modula.

After reading the Dickson text a couple of times on p215,216 I came across this formula for the square root of ${\displaystyle x^{2}{\bmod {p^{y}}}}$.

when ${\displaystyle p=4*7+1}$, or ${\displaystyle s=2}$ and ${\displaystyle A=7}$

for ${\displaystyle x^{2}{\bmod {p^{\lambda }}}\equiv c}$ then

${\displaystyle x{\bmod {p^{\lambda }}}\equiv \pm (c^{A}+3)^{\beta }*c^{(\beta +1)/2}}$ where ${\displaystyle \beta \equiv a*p^{\lambda -1}}$

Noting that ${\displaystyle 23^{2}{\bmod {29^{3}}}\equiv 529}$ and noting that ${\displaystyle \beta =7*29^{2}}$ then

${\displaystyle (529^{7}+3)^{7*29^{2}}*529^{(7*29^{2}+1)/2}{\bmod {29^{3}}}\equiv 24366\equiv -23}$

So Tonelli's math does seem to take modular square roots of prime powers! Endo999 (talk) 03:17, 2 September 2017 (UTC)[reply]

Here's another equation: ${\displaystyle 2333^{2}{\bmod {29^{3}}}\equiv 4142}$ and

${\displaystyle (4142^{7}+3)^{7*29^{2}}*4142^{(7*29^{2}+1)/2}{\bmod {29^{3}}}\equiv 2333}$

Endo999 (talk) 06:36, 30 August 2017 (UTC)[reply]

On page 215-216 of the Dickson book, the equation is given of Tonelli's:

${\displaystyle X{\bmod {p^{y}}}\equiv x^{p^{y-1}}*c^{(p^{y}-2p^{y-1}+1)/2}}$ where ${\displaystyle X^{2}{\bmod {p^{y}}}\equiv c}$ and ${\displaystyle x^{2}{\bmod {p}}\equiv c}$;

Using ${\displaystyle p=23}$ and using the modulus of ${\displaystyle p^{3}}$ the math follows (in mathematica):

Mod[1115^2, 23 23 23]=2191
 
Mod[1115^2, 23]=6
PowerMod[6, 1/2, 23]=11

Mod[11^(23 23) 2191^((23 23 23 - 2 23 23 + 1)/2), 23 23 23] =1115

Thus Tonelli's work can work for a 3 mod 4 prime power. Endo999 (talk) 20:23, 11 September 2017 (UTC)[reply]

I suppose that ${\displaystyle ({\mathbb {Z}}/p{\mathbb {Z}})^{d}}$ should rather read ${\displaystyle {\mathbb {Z}}/p^{d}{\mathbb {Z}}}$? And the introductory sentence is more than confusing as well. The "multiplicative group" would perhaps be ${\displaystyle ({\mathbb {Z}}/p^{d}{\mathbb {Z}})^{\times }}$, and of course all operations and comparisons in that ring are modulo ${\displaystyle p^{d}}$. --Hagman (talk) 09:09, 10 February 2018 (UTC)[reply]

> Given a non-zero n and an odd prime p, the Euler's criterion tells us that n has a square root (i.e., n is a quadratic residue) if and only if

I don't know about this stuff, but this seems wrong in one or more ways. First, "has a square root" has to be wrong, as every integer "has a square root". I think it means an integer square root? Secondly, I don't think that's true either, but only "modulo p". I think maybe a quadratic residue is only sensible "modulo p"? At least, based on my understanding from the first sentence of "Quadratic residue" wikipedia page. — Preceding unsigned comment added by 134.134.139.74 (talk) 21:44, 22 February 2018 (UTC)[reply]

I have linked quadratic residue in that sentence since it is the first occurrence. And yes, it is modulo p. I think the lead makes that clear. It is the first sentence after the lead. PrimeHunter (talk) 22:30, 22 February 2018 (UTC)[reply]