Results 1  10
of
15
An Implementation of the General Number Field Sieve
 In Proceedings of Crypto'93
, 1993
"... It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with our implementation of the GNFS ..."
Abstract

Cited by 23 (2 self)
 Add to MetaCart
It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with our implementation of the GNFS whose first version was completed in January 1993 at the Department of Computer Science at the Universitat des Saarlandes. 1 Introduction Factoring rational integers into primes is one of the most important and most difficult problems of computational number theory. It was shown in [2] that under reasonable assumptions the general number field sieve (GNFS) is the asymptotically fastest known factoring algorithm. It is, however, not known how this algorithm behaves in practice. In this report we describe practical experience with the first version of our implementation of the GNFS. For our implementation we used the methods described in [2], [3], and [7]. In the course of the implementati...
Factorization of a 768bit RSA modulus
, 2010
"... This paper reports on the factorization of the 768bit number RSA768 by the number field sieve factoring method and discusses some implications for RSA. ..."
Abstract

Cited by 21 (6 self)
 Add to MetaCart
This paper reports on the factorization of the 768bit number RSA768 by the number field sieve factoring method and discusses some implications for RSA.
An Implementation of the Number Field Sieve
 EXPERIMENTAL MATHEMATICS
, 1996
"... This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical sieving and a special form of lattice sieving (line sieving), the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implem ..."
Abstract

Cited by 13 (0 self)
 Add to MetaCart
This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical sieving and a special form of lattice sieving (line sieving), the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implementation are listed, including the record factorization of 12^151 1.
Strategies in Filtering in the Number Field Sieve
 In preparation
, 2000
"... A critical step when factoring large integers by the Number Field Sieve [8] consists of finding dependencies in a huge sparse matrix over the field F2 , using a Block Lanczos algorithm. Both size and weight (the number of nonzero elements) of the matrix critically affect the running time of Block ..."
Abstract

Cited by 13 (2 self)
 Add to MetaCart
A critical step when factoring large integers by the Number Field Sieve [8] consists of finding dependencies in a huge sparse matrix over the field F2 , using a Block Lanczos algorithm. Both size and weight (the number of nonzero elements) of the matrix critically affect the running time of Block Lanczos. In order to keep size and weight small the relations coming out of the siever do not flow directly into the matrix, but are filtered first in order to reduce the matrix size. This paper discusses several possible filter strategies and their use in the recent record factorizations of RSA140, R211 and RSA155. 2000 Mathematics Subject Classification: Primary 11Y05. Secondary 11A51. 1999 ACM Computing Classification System: F.2.1. Keywords and Phrases: Number Field Sieve, factoring, filtering, Structured Gaussian elimination, Block Lanczos, RSA. Note: Work carried out under project MAS2.2 "Computational number theory and data security". This report will appear in the proceed...
Computing Discrete Logarithms with the General Number Field Sieve
, 1996
"... . The difficulty in solving the discrete logarithm problem is of extreme cryptographic importance since it is widely used in signature schemes, message encryption, key exchange, authentication and so on ([15], [17], [21], [29] etc.). The General Number Field Sieve (GNFS) is the asymptotically fastes ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
. The difficulty in solving the discrete logarithm problem is of extreme cryptographic importance since it is widely used in signature schemes, message encryption, key exchange, authentication and so on ([15], [17], [21], [29] etc.). The General Number Field Sieve (GNFS) is the asymptotically fastest known method to compute discrete logs mod p [18]. With the first implementation of the GNFS for discrete logs by using Schirokauer's improvement [27] we were able to show its practicability [31]. In this report we write about a new record in computing discrete logarithms mod p and some experimental data collected while finishing the precomputation step for breaking K. McCurley's 129digit challenge [10]. 1 Introduction Let p be a prime number and IF p (\Delta) be the cyclic multiplicative group of the prime field of p elements, which has order p \Gamma 1. Let a 2 IF p . In the case of b 2 hai, the multiplicative subgroup generated by a, there exist infinitely many x 2 IN 0 such th...
Integer Factoring
, 2000
"... Using simple examples and informal discussions this article surveys the key ideas and major advances of the last quarter century in integer factorization. ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
Using simple examples and informal discussions this article surveys the key ideas and major advances of the last quarter century in integer factorization.
The MultipleLattice Number Field Sieve
 Chapter 3 of Ph.D. thesis; ftp://koobera.math.uic.edu/pub/papers/mlnfs.dvi
"... We introduce the multiplelattice number field sieve. The formal relation between the multiplelattice number field sieve and the number field sieve is the same as the formal relation between the multiplepolynomial quadratic sieve and the quadratic sieve. ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
We introduce the multiplelattice number field sieve. The formal relation between the multiplelattice number field sieve and the number field sieve is the same as the formal relation between the multiplepolynomial quadratic sieve and the quadratic sieve.
Relation collection for the Function Field Sieve
"... Abstract—In this paper, we focus on the relation collection step of the Function Field Sieve (FFS), which is to date the best algorithm known for computing discrete logarithms in smallcharacteristic finite fields of cryptographic sizes. Denoting such a finite field by Fpn, where p is much smaller th ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
Abstract—In this paper, we focus on the relation collection step of the Function Field Sieve (FFS), which is to date the best algorithm known for computing discrete logarithms in smallcharacteristic finite fields of cryptographic sizes. Denoting such a finite field by Fpn, where p is much smaller than n, the main idea behind this step is to find polynomials of the form a(t) − b(t)x in Fp[t][x] which, when considered as principal ideals in carefully selected function fields, can be factored into products of lowdegree prime ideals. Such polynomials are called “relations”, and current recordsized discretelogarithm computations need billions of those. Collecting relations is therefore a crucial and extremely expensive step in FFS, and a practical implementation thereof requires heavy use of cacheaware sieving algorithms, along with efficient polynomial arithmetic over Fp[t]. This paper presents the algorithmic and arithmetic techniques which were put together as part of a new public implementation of FFS, aimed at medium to recordsized computations. Keywordsfunction field sieve; discrete logarithm; polynomial arithmetic; finitefield arithmetic. I.
Efficient SIMD arithmetic modulo a Mersenne number
 In IEEE Symposium on Computer Arithmetic – ARITH20
, 2011
"... Abstract—This paper describes carryless arithmetic operations modulo an integer 2 M − 1 in the thousandbit range, targeted at single instruction multiple data platforms and applications where overall throughput is the main performance criterion. Using an implementation on a cluster of PlayStation ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
Abstract—This paper describes carryless arithmetic operations modulo an integer 2 M − 1 in the thousandbit range, targeted at single instruction multiple data platforms and applications where overall throughput is the main performance criterion. Using an implementation on a cluster of PlayStation 3 game consoles a new record was set for the elliptic curve method for integer factorization.
An Implementation of the Number Field Sieve
 Experimental Mathematics
, 1995
"... The Number Field Sieve (NFS) is the asymptotically fastest known factoring algorithm for large integers. This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical and lattice sieving, the block Lanczos method and a new square root algorith ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
The Number Field Sieve (NFS) is the asymptotically fastest known factoring algorithm for large integers. This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical and lattice sieving, the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implementation are listed, including the record factorization of 12 151 \Gamma 1. AMS Subject Classification (1991): 11Y05, 11Y40 Keywords & Phrases: number field sieve, factorization Note: This report has been submitted for publication elsewhere. Note: This research is funded by the Nederlandse Organisatie voor Wetenschappelijk Onderzoek (Netherlands Organization for Scientific Research, NWO) through the Stichting Mathematisch Centrum (SMC), under grant number 611307022. 1. Introduction The Number Field Sieve (NFS)  introduced in 1988 by John Pollard [19]  is the asymptotically fastest known algorithm for factoring inte...