Sign into an existing account

The algorithm has been nailed down.
Branch elimination core has been corrected and the new model uses logical ANDs to select the branch with the lowest possible child node values based on a metric of entropy.

non-trivial branches have been reduced from e-1 to 0 per base 10 digit of a key.

Testing in progress.

edit:
Locked down problem runtime. O(1) space complexity. O(log10 n) time complexity. We're solid.
Still generalizing code.
13-17 hours of work left by my estimate, mostly battle testing and extending to the full range to run with the push of a button.

This is the p/x approach I was exploring early on. It has been trimmed a bit but for the most part it is undocumented, and largely uncommented, with lots of cruft and deadwood sections--You've been warned.

Meant to be run and explored in-console rather than run as is.

https://files.catbox.moe/1isvyp.py

Do you have what it takes to find a function or equation that links the known set to the unknown set?

edit:
Some explaination.

The unknown set is variables: a, b (in cryptography known as p and q), u, c, t, d4, alpha, beta, etc.

The variables c and d4 are particularly interesting. While it is possible to acquire their quotient c/d4 (given as '_cd4') just from a semiprime itself, the product of c and d4 is the quotient of the factors of the semiprime.
It goes without saying that finding a function that maps c/d4 to -> cd4 in one step, is by extension equivalent to finding a constant-time factorization algorithm, because if cd4==b/a, then it is trivial to follow through with (p/(cd4)).sqrt(), yielding a, where p=a*b

A canonical example is included, starting with a=d(108271), simply because I find equations easier by looking for relations and patterns between actual numbers.

I ran out of recognizable variable names early on and resorted to the periodic table and terms from particle physics.

First the new architecture

https://files.catbox.moe/1tygoo.png
https://files.catbox.moe/n308f1.png


Working on cryptography and got one of the last major modules functioning.
Summary:
The central insight is that you can generate approximations of factors using variations on modular arithmetic that will be accurate to the leading digits of a semiprime's lowest factor. Then, by applying various constraints, you can dramatically reduce the search space.

The algorithm's efficiency comes from the fact that the modular set grows much more slowly than the bit length of the semiprime, making it vastly more scalable than traditional factorization methods.

This approach bridges number theory, machine learning, and optimization techniques in a novel way to solve the prime factorization problem.

code (partial)
https://pastebin.com/raw/DHADM0nW

Full text:
What I'm doing is using the code listed here
to generate a list of possible values of A (where the problem is p=ab, or n=pq in cryptography), and then using the boundaries established with other variables from a separate module, called d4a, ac, at, av, etc
to start to eliminate values.

ML will be needed to classify whether unknowns are
inverted (abs(unknown) < 1).

While the number of values to consider grows, assuming we know
whether an unknown is inverted we can take known
variables & use them as upper (or lower) bounds on A,
filtering significant numbers of values.

More importantly, the number of values to check in the modular
set grows much more slowly then the bitlength of the semiprime
to check.

We'll call the set of equations (d4a, at, ac, av, etc) the Algebraic Set (AS).
The set of modular values derived from p (or n) we'll call the Modular Set (MS).
The algorithms I wrote in the 290+ set, we'll call the Convergent Set (CS).
The machine learning model that classifies whether unknowns are likely to be inverted or not (abs(n) < 1), we'll call the Configuration Set (FS).
And the code written to generate boundary estimates we'll call the threshold set (TS).

How and why it works.
I determined the AS is indeterminate (I've checked well over a billion solutions so far, and probably on the order of several thousand novel methods to attack the problem, variations of it, and simplified versions as well, in the domains of algebra and the minimal calculus that I know), that is there is insufficient free parameters to map between the known and unknown set, and thus factor our product.

The modular set is derived from certain equations relating the various magnitudes to themselves. The MS guarantees that for some vector of values [p, u, k, i, j] some of which are trivial to estimate, there will within the set generated, always be a value that approximates A in P=AB, up to the leading 1-2 digits (and often more) and magnitude.

By taking the AS we can use the FS to derive boundaries, giving us the TS.
With the MS, we can use the TS, to efficiently derive estimates of all unknowns that have factors in common, such as and including (but not limited to) u (unknown) from d4u, ut, cu, and uv (all known).

With these estimates, we can then feed them to the CS to essentially strip away multiple outer and inner loops of the algorithm, giving us significant orders-of-magnitude improvements in convergence time.

This is one of the final pieces of the puzzle.

Current risks are:
- if the ML component can correctly identify if unknown variables in known products and quotients are inverted or not.
Preliminary testing with smaller model and datasets (<100k samples across various bitlengths) indicates this will work.

- re-groking the later basilisks which are incredibly convoluted and have to have parameter sweeps for tuning done.

- gains vanishing at very high bitlengths owing to having to convert very large numbers to logarithms, and the ML model potentially failing because of that.

Mitigations:
- Larger sample-size testing for the ML model in order to establish the threshold set's definitive viability, rather than ad-hoc testing.

- writing clear documentation and procedures on the convergent set algorithm, so I don't have to work through it every time I want to implement something related to it

- writing my current off-the-shelf neural-graph-search (NGS) library from the ground up to accept arbitrary precision floats and integers

Obstacles:

- I'm not currently versed enough in ML to rewrite the NGS, and no known library currently accepts arbitrary precision types. Most rely on numpy, and even numpys largest type support won't handle data in the 2-4k bits length.

Current delivery estimate:
"Two more weeks", or "Fuck you!"

The current core of the aproximation algorithm works with pairs of elliptic curves, based on values of n, where n equals
[4,9] [49, 64], [256, 289], [8464..]

the pair 256, 289 for example correspond to the number of elements of the finite group defined by the elliptic curve y^2 = x^3 + x + 1 (mod prime(n)) (256, 289)

given the following python code..
for some value of i, such that (_d42/((int(((ceil(a1/(d4a/_d42))(d4a/_d42))_d42)/d4a))-(1+d(1/2))(1-((d(1/4))-(d(1/9))+(d(1/49)i)-(d(1/64)d(1/i))+(d(1/256)d(i))-(d(1/289)d(1/i))+(d(1/d(922))d(i)))))) ~= d4, where d4a/d4 = a = p
where in standard notions our public key would be n=pq, n being a semiprime, p and q being prime (this a simplification naturally, and leaves out discussion of the modulus).

and where the value being aproximated is
abs((_d42/((int(((ceil(a1/(d4a/_d42))(d4a/_d42))_d42)/d4a))-(1+d(1/2))(1-((d(1/4))-(d(1/9))+(d(1/49)i)-(d(1/64)d(1/i))+(d(1/256)d(i))-(d(1/289)d(1/i))+(d(1/d(92*2))d(i))))))-d4)

Some of the values remain unexplained for now, but the gist to understand whats going on is there.

Testing across a few million random semiprimes from a mere 32 bits, all the way up to 4096 bits found that the i value needed
to closely approximate d4, and thus find p and q is never greater than 75 in all tested cases (and this is a relatively tight upperbound) based on the mean and variance of all semiprimes tested.

Finding p is equivalent to factoring, and thus breaking a public key.

This core method gets us to within 3% of any given key value.

Further elements of the algorithm get us to within 0.1 to 0.0001 of a key, indicating there is significant room for improvement.

It is now possible to get both the magnitude, and first 4-5 leading digits of a public key's factors, as well as the first 2-4 digits at the smallest integer magnitudes of a key's factors, without exhaustive search.

Ongoing research and current progress rates suggest the evolution of the work should yield advancements in the algorithm over the next six months that allow us to retrieve upwards of half the digits of a key's factors regardless of length, with eventual complete factoring in logarithmic time.

That is all for now.

Initially deteterming the potential digits of a number N, at a given magnitude M(i), M(i+1), M(i+2), required about 10,000,000 iterations per digit group. I got that down to 2000 iterations, producing 200 candidates per group, about 1/5th the bitlength of the prior problems key size. So a key with factors that were say 650 digits long, rather than have to guess the digits from 0-999 for each 3 digit group, you had no more than 200 results to try, effectively reducing your search space from (999216) to 200216.

A 9 digit number can be factored in roughly.. (999^3)/(200^3) ~= 125 times less iterations.

A twelve digit number? 622 times faster.

A sixty four digit number? 798300146800470 times faster.

Etc.

That was good of course, but for very large bit lengths, even this is still impractical.

I realized if we just start with the 200 pairs of potential digits for the first two digits of the factors of n=p*q, then
we could string combinations of the range 0-9 in front of them, or at the highest magnitude, convert them back to integers,
multiply them together, and then once again match them against the digits of n.

False pairs in the initial set will fail to produce more digits of n at the same density as the true pair.

If our three digit pairs produce a product that matches 3 or more digits of n, that becomes a three-digit result pair, describing
one or more potential sets of digits for p and q.

We do this for all two digit pairs, to generate the set of potential 3digit pairs.

Finally, the optimization:
If none match we kill or filter out the 2digit parent pair.
Likewise the 3digit parent pair, and 4digit parent pair, on down the line, pruning branches.

The result should be a very minimal, and semi-linear search space that is much faster than the prior method.

I'm implementing it tonight.