When we have y² = z² (mod n) then y² – z² = kn for some k.
But y² – z² = (y+z)(y–z) = kn. We have ruled out the case where n divides y+z or y–z as trivial.
(y+z)(y–z) = kn and thus n divides (y+z)(y–z), but divides neither (y+z) nor (y–z), therefore some factor of n must divide (y+z) while its cofactor divides (y–z).
Thus gcd(n, y+z) and gcd(n, y–z) must both yield factors of n greater than 1.