Hiding small numbers in a huge number?

  • Context: Graduate 
  • Thread starter Thread starter Ben Huke
  • Start date Start date
  • Tags Tags
    Numbers
Click For Summary

Discussion Overview

The discussion revolves around a mathematical computing problem involving the decomposition of a large number derived from a set of smaller integers. Participants explore the feasibility of constructing functions that make it difficult to reverse-engineer the original integers while also allowing for efficient checks of membership within the set.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested
  • Mathematical reasoning

Main Points Raised

  • One participant questions the feasibility of the proposed conditions, suggesting that brute force methods could undermine the security of the functions f1 and f2.
  • Another participant argues that even with a computationally intensive function, the time required to brute force through possible values remains manageable, particularly with 32-bit integers.
  • A different viewpoint suggests that increasing the integer size to 64-bit could enhance security, although this may also affect the probability p of correctly identifying membership in the set.
  • One participant proposes that if the integers are distinct primes and no modulus is used, the probability p could be maximized to 1.

Areas of Agreement / Disagreement

Participants express differing opinions on the feasibility of the problem and the implications of increasing the integer size. There is no consensus on whether the proposed conditions can be satisfied or how to effectively increase the probability p.

Contextual Notes

Participants highlight limitations related to computational feasibility and the effectiveness of brute force methods, as well as the potential impact of integer size on the probability of successful membership checks.

Ben Huke
Messages
2
Reaction score
0
Dear number theorists and enthusiasts,

Following is a math-computing problem. If you are interested and want to be paid for solving it, please contact me (benhuke@gmail.com).

Suppose we have a set of n positive 32-bit integers: X = {x1, x2, … x_n}

Find a function f1 such that with T = f1(x1, x2, … x_n), it’s computationally infeasible to decompose T back to x_i's. That is, the time it takes to find the original component numbers will increase exponentially with T. However, also find a function f2 such that if r = f2(T, x) = 0 then we can conclude, with as high a probability (p) as possible, that x is in X.



For a rough example, we can have:

f1: T = x1 * x2 * … * x_n (In this case, with n > 20, is it computationally infeasible to decompose T back to x_i's ?)

f2: r = T mod x



Further requirements: The solution must have a higher p and have f2 more efficient (i.e. requiring less computation) than those in the example.



Please give my your opinion about this problem (e.g., how difficult is it? is it possibly solvable?).

Sincerely thanks,

Ben
 
Physics news on Phys.org
I don't think your conditions can be satisfied.

If it takes as long as ten microseconds to compute f2(T, x), one could brute force exhaust through all possible values for x in half a day.

(And my tests indicate that, on my computer, it takes under 3 microseconds to compute the f2 you propose)
 
No matter what you do, brute force will give all the solutions in 2^32 ~= 4 billion times the time it takes to calculate the f2. Cryptographically speaking, this isn't very strong -- even if you take a tenth of a second generating the number, it would take a cluster of 500 computers just 10 days to cycle through all the possibilities. If there's a faster way to crack it it takes less effort.

Now if you used 64-bit integers the problem becomes much more interesting. Taking 1ms to encode, it would take a million-computer cluster 600 years to cycle through the space. That's more secure by far.

For the latter problem, multiplying the numbers might work. Multiplying and taking a large mod (greatly increasing the work needed for f2, depending on how large you choose the modulus) could be workable.
 
Thanks a lot for your replies.

But if we increase the size of x_i to 64-bit, that will decrease p, right? How to increase p?
 
Ben Huke said:
But if we increase the size of x_i to 64-bit, that will decrease p, right? How to increase p?

It need not. If you're not taking a modulus, and you choose all the x_i to be distinct primes, then p = 1.
 

Similar threads

Undergrad Proving inequality about dimension of quotient vector spaces
  • · Replies 25 ·
Replies
25
Views
4K
Undergrad Is Hooke's law really not working, or is it me being dummy?
  • · Replies 13 ·
Replies
13
Views
2K
MHB Number of multiplications and divisions for LU decomposition
  • · Replies 22 ·
Replies
22
Views
3K
Undergrad On the expected value of a sum of a random number of r.v.s.
  • · Replies 3 ·
Replies
3
Views
3K
Graduate Anti-dual numbers and what are their properties?
  • · Replies 1 ·
Replies
1
Views
2K
MHB Calculate the density - Unbiased estimator for θ
  • · Replies 1 ·
Replies
1
Views
2K
Graduate The meaning of ##(ict, x_1,x_2,x_3)##
  • · Replies 4 ·
Replies
4
Views
3K
Graduate Stats: would the sum of the variances be 1 in this case?
  • · Replies 7 ·
Replies
7
Views
2K
Undergrad The Basic Area Problem (introduction to the topic of integrals)
  • · Replies 24 ·
Replies
24
Views
4K
Graduate Complete characterization of local monomials
  • · Replies 0 ·
Replies
0
Views
1K