On sharp transitions in making squares

Article

Croot, Ernie; Granville, Andrew; Pemantle, Robin; Tetali, Prasad

ANNALS OF MATHEMATICS

0003-486X

10.4007/annals.2012.175.3.10

2012

1507-1550

In the fastest-performing integer factoring algorithms, one creates a sequence of integers (in a pseudo-random way) and wishes to rapidly determine a subsequence whose product is a square. In 1994 Pomerance stated the following problem which encapsulates all of the key issues: Select integers a(1), a(2), ... , at random from the interval [1,x], until some (nonempty) subsequence has product equal to a square. Find a good estimate for the expected stopping time of this process. A good solution should allow one to determine the optimal choice of parameters in many factoring algorithms. Pomerance (1994), using an idea of Schroeppel (1985), showed that with probability 1 - o(1) the first subsequence whose product equals a square occurs after at least J(0)(1) (o(1)) integers have been selected, but no more than J(0), for an appropriate (explicitly determined) J(0) = J(0)(x). We tighten Pomerance's interval to [(pi/4)(e(-gamma) - o(1))J(0), (e(-gamma) + o(1))J(0)], where gamma = 0.577 ... is the Euler-Mascheroni constant, and believe that the correct interval is [(e(-gamma) - o(1))J(0), (e(-gamma) | o(1))J(0)], a sharp threshold. In our proof we confirm the well-established belief that, typically, none of the integers in the square product have large prime factors. The heart of the proof of our upper bound lies in delicate calculations in probabilistic graph theory, supported by comparative estimates on smooth numbers using precise information on saddle points.