# Algorithmic Number Theory - List 3
#### Witold Karaś (254622)

## Task 1: Tonelli-Shanks algorithm

In [112]:
def tonelli_shanks(a: int, p: int):
    # Make sure input is correct
    assert p > 2, f"prime number p = {p} must be greater than 2"
    assert pow(a, (p - 1) // 2, p) == 1, f"no roots for {n} mod {p}"
    
    # Find odd s and positive e such that p - 1 = s * 2 ^ e
    s, e = p - 1, 0
    while s % 2 == 0:
        s, e = s // 2, e + 1

    # Find number n such that n ^ (p - 1) // 2 ≡ -1 (mod p)
    for n in range(2, p):
        if pow(n, (p - 1) // 2, p) == -1 % p:
            break
            
    # Set variables:
    # First guess at the square root
    x = pow(a, (s + 1) // 2, p)
    # First guess at the fudge factor
    b = pow(a, s, p)
    # Powers of g will update both x and b
    g = pow(n, s, p)
    # Exponent will decrease with each loop of the algorithm
    r = e
    
    def find_m():
        t = pow(b, 2, p)
        for m in range(1, r):
            if (t - 1) % p == 0:
                break
            t = pow(t, 2, p)
        return m
    
    # Note: x ^ 2 ≡ b * a (mod p)
    while (b - 1) % p != 0:
        m = find_m()

        x = (x * pow(g, 2 ** (r - m - 1))) % p
        g = pow(g, 2 ** (r - m), p)
        b = (b * g) % p

        r = m
    return x

In [114]:
for _ in range(100):
    p = random_prime(2**128)
    n = 0
    while n < 2:
        n = randint(2, p - 1)
    res = tonelli_shanks(pow(n, 2, p), p)
    assert res == n or p - res == n
print("Ok, all asserts passed")

Ok, all asserts passed
