Quadratic residuosity problem

The quadratic residuosity problem (QRP^[1]) in computational number theory is to decide, given integers $a$ and $N$ , whether $a$ is a quadratic residue modulo $N$ or not. Here $N=p_{1}p_{2}$ for two unknown primes $p_{1}$ and $p_{2}$ , and $a$ is among the numbers which are not obviously quadratic non-residues (see below).

The problem was first described by Gauss in his Disquisitiones Arithmeticae in 1801. This problem is believed to be computationally difficult. Several cryptographic methods rely on its hardness, see § Applications.

An efficient algorithm for the quadratic residuosity problem immediately implies efficient algorithms for other number theoretic problems, such as deciding whether a composite $N$ of unknown factorization is the product of 2 or 3 primes.^[2]

^ Kaliski, Burt (2011). "Quadratic Residuosity Problem". Encyclopedia of Cryptography and Security. p. 1003. doi:10.1007/978-1-4419-5906-5_429. ISBN 978-1-4419-5905-8.
^ Adleman, L. (1980). "On Distinguishing Prime Numbers from Composite Numbers". Proceedings of the 21st IEEE Symposium on the Foundations of Computer Science (FOCS), Syracuse, N.Y. pp. 387–408. doi:10.1109/SFCS.1980.28. ISSN 0272-5428.

[1] Kaliski, Burt (2011). "Quadratic Residuosity Problem". Encyclopedia of Cryptography and Security. p. 1003. doi:10.1007/978-1-4419-5906-5_429. ISBN 978-1-4419-5905-8.

[2] Adleman, L. (1980). "On Distinguishing Prime Numbers from Composite Numbers". Proceedings of the 21st IEEE Symposium on the Foundations of Computer Science (FOCS), Syracuse, N.Y. pp. 387–408. doi:10.1109/SFCS.1980.28. ISSN 0272-5428.

[1]

[2]