Results 1 to 10 of 22
Implementing the Elliptic Curve Method of Factoring in Reconfigurable Hardware
Abstract

Cited by 14 (3 self)
A novel portable hardware architecture of the Elliptic Curve Method of factoring, designed and optimized for application in the relation collection step of the Number Field Sieve, is described and analyzed. A comparison with an earlier proof-of-concept design by Pelzl, Šimka, et al. has been performed, and a substantial improvement has been demonstrated in terms of both the execution time and the area-time product. The ECM architecture has been ported across five different families of FPGA devices in order to select the family with the best performance to cost ratio. A timing comparison with the highly optimized software implementation, GMP-ECM, has been performed. Our results indicate that low-cost families of FPGAs, such as Spartan-3 and Spartan-3E, offer at least an order of magnitude improvement over the same generation of microprocessors in terms of the performance to cost ratio.
An Implementation of the Number Field Sieve
Experimental Mathematics, 1996
Abstract

Cited by 14 (0 self)
This article describes an implementation of the NFS, including the choice of two quadratic polynomials, both classical sieving and a special form of lattice sieving (line sieving), the block Lanczos method and a new square root algorithm. Finally some data on factorizations obtained with this implementation are listed, including the record factorization of 12^151 - 1.
Euclidean rings of algebraic integers
Canad. J. Math.
Abstract

Cited by 8 (4 self)
Let K be a finite Galois extension of the field of rational numbers with unit rank greater than 3. We prove that the ring of integers of K is a Euclidean domain if and only if it is a principal ideal domain. This was previously known under the assumption of the generalized Riemann hypothesis for Dedekind zeta functions. We now prove this unconditionally.
A search for Wilson primes
Mathematics of Computation, preprint http://arxiv.org/abs/1209.3436, 2012
High-Performance Integer Factoring with Reconfigurable Devices
International Conference on Field Programmable Logic and Applications, 2010
Abstract

Cited by 3 (1 self)
We present a novel FPGA-based implementation of the Elliptic Curve Method (ECM) for the factorization of medium-sized composite integers. More precisely, we demonstrate an ECM implementation capable of determining prime factors of up to 2,424 151-bit integers per second using a single Xilinx Virtex-4 SX35 FPGA. Using this implementation on a cluster like the COPACOBANA is beneficial for attacking cryptographic primitives like the well-known RSA cryptosystem with advanced methods such as the Number Field Sieve (NFS). To provide this vast number of integer factorizations per FPGA, we make use of the available DSP blocks on each Virtex-4 device to accelerate low-level arithmetic computations. This methodology allows the development of a time-area efficient design that runs 24 ECM cores in parallel, implementing both phase 1 and phase 2 of the ECM. Moreover, our design is fully scalable and supports composite integers in the range from 66 to 236 bits without any significant modifications to the hardware. Compared to the implementation by Gaj et al., who reported an ECM design for the same Virtex-4 platform, our improved architecture provides an advanced cost-performance ratio which is better by a factor of 37.
An experiment of Number Field Sieve for discrete logarithm problem over GF(p^12)
In Number Theory and Cryptography, 2013
Abstract

Cited by 2 (0 self)
The security of pairing-based cryptography is based on the hardness of solving the discrete logarithm problem (DLP) over an extension field GF(p^n) of characteristic p and degree n. Joux et al. proposed the asymptotically fastest algorithm for solving DLPs over GF(p^n) (JLSV06-NFS). This algorithm is an extension of the number field sieve over the prime field GF(p) (JL03-NFS). The lattice sieve is often used in large-scale experiments on solving DLPs over GF(p). Franke and Kleinjung proposed a two-dimensional lattice sieve that efficiently enumerates all the points in a given sieve region of the lattice. However, we have to consider a sieve region of more than two dimensions in the lattice sieve of JLSV06-NFS. In this paper, we present an implementation of the number field sieve for solving the DLP over an extension field GF(p^n) that underpins the security of pairing-based cryptography. In particular, we propose the implementation of the lattice sieve of more than two dimensions. In our experiment, we discussed the
Evaluation Report on the Factoring Problem
2001
Abstract

Cited by 1 (0 self)
This document is an evaluation of the factoring problem, as a basis for designing cryptographic schemes. It relies on the analysis of numerous research papers on the subject. The present report is organized as follows: firstly, we review the factoring problem
Area-time efficient implementation of the elliptic curve method of factoring in reconfigurable hardware for application in the number field sieve
IEEE Transactions on Computers, 2009
Abstract

Cited by 1 (0 self)
A novel portable hardware architecture of the Elliptic Curve Method of factoring, designed and optimized for application in the relation collection step of the Number Field Sieve, is described and analyzed. A comparison with an earlier proof-of-concept design by Pelzl, Šimka, et al. has been performed, and a substantial improvement has been demonstrated in terms of both the execution time and the area-time product. The ECM architecture has been ported across five different families of FPGA devices in order to select the family with the best performance to cost ratio. A timing comparison with the highly optimized software implementation, GMP-ECM, has been performed. Our results indicate that low-cost families of FPGAs, such as Spartan-3 and Spartan-3E, offer at least an order of magnitude improvement over the same generation of microprocessors in terms of the performance to cost ratio, without the use of embedded FPGA resources, such as embedded multipliers. Index Terms: Cipher-breaking, factoring, ECM, FPGA, NFS
Algebraic Number Theory
2009
Abstract
2. Number fields, p. 9
3. Norms, traces and discriminants, p. 15
4. Rings of integers, p. 20
Compressing and Disguising Elements in Discrete Logarithm Cryptography
2008
Abstract
In the modern world, the ubiquity of digital communication is driven by the constantly evolving world of cryptography. Consequently one must efficiently implement asymmetric cryptography in environments which have limited resources at their disposal, such as smart-cards, ID cards, vehicular microchips and many more. It is the primary purpose of this thesis to investigate methods for reducing the bandwidth required by these devices. Part I of this thesis considers compression techniques for elliptic curve cryptography (ECC). We begin this by analysing how much data is actually required to establish domain parameters for ECC. Following the widely used cryptographic standards (for example: SEC 1), we show that naïvely implemented systems use extensively more data than is actually required and suggest a flexible and compact way to better implement these. This is especially of use in a multi-curve environment. We then investigate methods for reducing the inherent redundancy in the point representation of Koblitz systems; a by-product of the best known Pollard-ρ based attacks by Wiener & Zuccherato and Gallant, Lambert & Vanstone. We present methods which allow such systems to operate (with a high confidence) as efficiently as generic ones whilst maintaining all of their com