[Previous] [Up] [Next]

A Tour of NTL: Examples: Big Integers

The first example makes use of the class ZZ, which represents "big integers": signed, arbitrary length integers. This program reads two big integers a and b, and prints (a+1)*(b+1).

#include <NTL/ZZ.h>

int main()
   ZZ a, b, c; 

   cin >> a; 
   cin >> b; 
   c = (a+1)*(b+1);
   cout << c << "\n";

This program declares three variables a, b, and c of type ZZ. The values a and b are read from standard input. The value c is then computed as (a+1)*(b+1). Finally, the value of c is printed to the standard output.

Note that one can compute with ZZs much as with ordinary ints, in that most of the standard arithmetic and assignment operators can be used in a direct and natural way. The C++ compiler and the NTL library routines automatically take care of all the bookkeeping involved with memory management and temporary objects.

Here's a program that reads a list of integers from standard input and prints the sum of their squares.

#include <NTL/ZZ.h>

int main()
   ZZ acc, val;

   acc = 0;
   while (SkipWhiteSpace(cin)) {
      cin >> val;
      acc += val*val;

   cout << acc << "\n";

The function SkipWhiteSpace is defined by NTL. It skips over white space, and returns 1 if there is something following it. This function is useful, because NTL's input operators raise an error if an input is missing or ill-formed. This is different from the standard I/O library, which does not raise an error. Personally, I find that not raising an error, or at least an exception, is a bad idea, since the caller of the I/O routine must constantly check the status of the input stream.

Here's a simple modular exponentiation routine for computing a^e mod n. NTL already provides a more sophisticated one, though.

ZZ PowerMod(const ZZ& a, const ZZ& e, const ZZ& n)
   if (e == 0) return to_ZZ(1);

   long k = NumBits(e);

   ZZ res;
   res = 1;

   for (long i = k-1; i >= 0; i--) {
      res = (res*res) % n;
      if (bit(e, i) == 1) res = (res*a) % n;

   if (e < 0)
      return InvMod(res, n);
      return res;

Note that as an alternative, we could implement the inner loop as follows:

   res = SqrMod(res, n);
   if (bit(e, i) == 1) res = MulMod(res, a, n);
We could also write this as:
   SqrMod(res, res, n);
   if (bit(e, i) == 1) MulMod(res, res, a, n);
This illustrates an important point about NTL's programming interface. For every function in NTL, there is a procedural version that stores its result in its first argument. The reason for using the procedural variant is efficieny: on every iteration through the above loop, the functional form of SqrMod will cause a temporary ZZ object to be created and destroyed, whereas the procedural version will not create any temporaries. Where performance is critical, the procedural version is to be preferred. Although it is usually silly to get too worked up about performance, it may be reasonable to argue that modular exponentiation is an important enough routine that it should be as fast as possible.

Note that when the functional version of a function can be naturally named with an operator, this is done. So for example, NTL provides a 3-argument mul routine for ZZ multiplication, and a functional version whose name is operator *, and not mul.

While we are taking about temporaries, consider the first version of the inner loop. Execution of the statement

   res = (res*res) % n;
will result in the creation of two temporary objects, one for the product, and one for the result of the mod operation, whose value is copied into res. Of course, the compiler automatically generates the code for cleaning up temporaries and other local objects at the right time. The programmer does not have to worry about this.

This example is a bit more interesting. The following program prompts the user for an input, and applies a simple probabilistic primality test. Note that NTL already provides a slightly more sophisticated prime test.

#include <NTL/ZZ.h>

long witness(const ZZ& n, const ZZ& x)
   ZZ m, y, z;
   long j, k;

   if (x == 0) return 0;

   // compute m, k such that n-1 = 2^k * m, m odd:

   k = 1;
   m = n/2;
   while (m % 2 == 0) {
      m /= 2;

   z = PowerMod(x, m, n); // z = x^m % n
   if (z == 1) return 0;

   j = 0;
   do {
      y = z;
      z = (y*y) % n; 
   } while (j < k && z != 1);

   return z != 1 || y != n-1;

long PrimeTest(const ZZ& n, long t)
   if (n <= 1) return 0;

   // first, perform trial division by primes up to 2000

   PrimeSeq s;  // a class for quickly generating primes in sequence
   long p;

   p =;  // first prime is always 2
   while (p && p < 2000) {
      if ((n % p) == 0) return (n == p);
      p =;  

   // second, perform t Miller-Rabin tests

   ZZ x;
   long i;

   for (i = 0; i < t; i++) {
      x = RandomBnd(n); // random number between 0 and n-1

      if (witness(n, x)) 
         return 0;

   return 1;

int main()
   ZZ n;

   cout << "n: ";
   cin >> n;

   if (PrimeTest(n, 10))
      cout << n << " is probably prime\n";
      cout << n << " is composite\n";

Note that in NTL, there are typically a number of ways to compute the same thing. For example, consider the computation of m and k in function witness. We could have written it thusly:

   k = 1;
   m = n >> 1;
   while (!IsOdd(m)) {
      m >>= 1;
It turns out that this is actually not significantly more efficient than the original version, because the implementation optimizes multiplication and division by 2.

The following is more efficient:

   k = 1;
   while (bit(n, k) == 0) k++;
   m = n >> k;
As it happens, there is a built-in NTL routine that does just what we want:
   m = n-1;
   k = MakeOdd(m);

Having seen a number of examples involving ZZs, let's look at the ZZ interface in a bit more detail.

Constructors, assignment, and conversions

When you declare an object of type ZZ, the default constructor initializes to the value 0. As we have already seen, there is an assignment operator that allows one to copy the value of one ZZ to another. Note that these copies (like almost all copies in NTL) are "deep", i.e., the actual data is copied, and not just a pointer. Of course, if the amount of space allocated by the destination of the assignment is insufficient to hold the value of the source, space is automatically re-allocated.

One can also assign a value of type long to a ZZ:

   ZZ x;
   x = 1;

Note that one cannot write

   ZZ x = 1;  // error
to initialize a ZZ. As a design principle, NTL avoids implicit conversions, and unfortunately, the only way to allow initializations like this in C++ is to define an implicit conversion operator. Instead, one could write
   ZZ x = to_ZZ(1);
This is an example of one of NTL's conversion routines. For very large constants, one can write:
   ZZ x = to_ZZ("99999999999999999999");
These examples illustrate conversion rountines in their functional forms. The corresponding procedural forms are all called conv, e.g.,
   ZZ x;
   conv(x, 1);
   conv(x, "99999999999999999999");


All of the basic arithmetic operators are supported, including comparison, arithmetic, shift, and bit-wise logical operations. One can mix ZZs and longs in any expresion in a natural way. As was already mentioned, NTL does not support implicit type conversion; rather, for basic operations, it simply overloads the operators or functions in a way to achieve a kind of "promotion logic": if one input is a ZZ and the other is a long (or something that implicitly converts to a long, like an int), the long input is effectively converted to a ZZ. Moreover, wherever possible, the implementation does this as efficiently as possible, and usually avoids the creation of a temporary ZZ.

There are also procedural versions for all the basic arithmetic operations:

   add, sub, negate, mul, sqr, div, rem, DivRem, 
   LeftShift, RightShift,
   bit_and, bit_or, bit_xor

There are many other routines. Here is a brief summary:

  • GCD -- computes greatest common divisor of two integers
  • XGCD -- extended Euclidean algorithm
  • AddMod, SubMod, NegateMod, MulMod, SqrMod, InvMod, PowerMod -- routines for modular arithmetic, including inversion and exponentiation
  • NumBits -- length of binary representation
  • bit -- extract a bit
  • ZZFromBytes, BytesFromZZ -- convert between octet strings and ZZs
  • RandomBnd, RandomBits, RandomLen -- routines for generating pseudo-random numbers
  • GenPrime, ProbPrime -- routines for generating primes and testing primality
  • power -- (non-modular) exponentiation
  • SqrRoot -- integer part of square root
  • Jacobi, SqrRootMod -- Jacobi symbol and modular square root

Most of these functions also have pure long versions as well, and as usual, there are both functional and procedural variants.

There are other functions as well. See ZZ.txt for complete details. Also see tools.txt for some basic services provided by NTL.

[Previous] [Up] [Next]