A World Wide Number Field Sieve factoring record: On to 512 bits (original) (raw)

Abstract

We present data concerning the factorization of the 130-digit number RSA130 which we factored on April 10, 1996, using the Number Field Sieve factoring method. This factorization beats the 129-digit record that was set on April 2, 1994, by the Quadratic Sieve method. The amount of computer time spent on our new record factorization is only a fraction of what was spent on the previous record. We also discuss a World Wide Web interface to our sieving program that we have developed to facilitate contributing to the sieving stage of future large scale factoring efforts. These developments have a serious impact on the security of RSA public key cryptosystems with small moduli. We present a conservative extrapolation to estimate the difficulty of factoring 512-bit numbers.

Access this chapter

Log in via an institution

We’re sorry, something doesn't seem to be working properly.

Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Preview

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

1. D. Atkins, M. Graff, A.K. Lenstra, and P.C. Leyland, THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE, Advances in Cryptology, Asiacrypt'94, Lecture Notes in Comput. Sci. 917 (1995), 265–277.
   Google Scholar
2. D. J. Bernstein, A. K. Lenstra, A general number field sieve implementation, 103–126 in: [12].
   Google Scholar
3. J. Buchmann, J. Loho, J. Zayer, An implementation of the general number field sieve, Advances in Cryptology, Crypto '93, Lecture Notes in Comput. Sci. 773 (1994) 159–165.
   Google Scholar
4. T. Denny, B. Dodson, A. K. Lenstra, M. S. Manasse, On the factorization of RSA-120, Advances in Cryptology, Crypto '93, Lecture Notes in Comput. Sci. 773 (1994) 166–174.
   Google Scholar
5. B. Dixon, A. K. Lenstra, Factoring integers using SIMD sieves, Advances in Cryptology, Eurocrypt '93, Lecture Notes in Comput. Sci. 765 (1994) 28–39.
   Google Scholar
6. B. Dodson, A. K. Lenstra, NFS with four large primes: an explosive experiment, Advances in Cryptology, Crypto '95, Lecture Notes in Comput. Sci. 963 (1995) 372–385.
   Google Scholar
7. R. M. Elkenbracht-Huizing, An implementation of the number field sieve, Technical Report NM-R9511, Centrum voor Wiskunde en Informatica, Amsterdam, 1995; to appear in Experimental Mathematics.
   Google Scholar
8. R. M. Elkenbracht-Huizing, A multiple polynomial general number field sieve, Proceedings ANTS II, to appear.
   Google Scholar
9. M. Gardner, Mathematical games, A new kind of cipher that would take millions of years to break, Scientific American, August 1977, 120–124.
   Google Scholar
10. R. Golliver, A. K. Lenstra, K. McCurley, Lattice sieving and trial division, ANTS '94, Lecture Notes in Comput. Sci. 877 (1994) 18–27.
    Google Scholar
11. A. K. Lenstra, H. W. Lenstra, Jr., Algorithms in number theory, Chapter 12 in: J. van Leeuwen (ed.), Handbook of theoretical computer science, Volume A, Algorithms and complexity, Elsevier, Amsterdam, 1990.
    Google Scholar
12. A. K. Lenstra, H. W. Lenstra, Jr. (eds), The development of the number field sieve, Lecture Notes in Math. 1554, Springer-Verlag, Berlin, 1993.
    Google Scholar
13. A. K. Lenstra, M. S. Manasse, Factoring by electronic mail, Advances in Cryptology, Eurocrypt '89, Lecture Notes in Comput. Sci. 434 (1990) 355–371.
    Google Scholar
14. A. K. Lenstra, M. S. Manasse, Factoring with two large primes, Advances in Cryptology, Eurocrypt '90, Lecture Notes in Comput. Sci. 473 (1991) 72–82; Math. Comp., 63 (1994) 785–798.
    Google Scholar
15. P. L. Montgomery, Square roots of products of algebraic numbers, Proceedings of Symposia in Applied Mathematics, Mathematics of Computation 1943–1993, Vancouver, 1993, Walter Gautschi, ed.
    Google Scholar
16. P. L. Montgomery, A block Lanczos algorithm for finding dependencies over GF(2), Advances in Cryptology, Eurocrypt'95, Lecture Notes in Comput. Sci. 921 (1995) 106–120.
    Google Scholar
17. J. M. Pollard, The lattice sieve, 43–49 in: [12].
    Google Scholar
18. RSA Data Security Corporation Inc., sci.crypt, May 18, 1991; information available by sending electronic mail to challenge-rsa-list@rsa.com.
    Google Scholar

Download references

Author information

Authors and Affiliations

1. Cooperating Systems Corporation, 12 Hollywood Drive, 02167, Chestnut Hill, MA, USA
   James Cowie
2. Department of Mathematics, Lehigh University, 18015-3174, Bethlehem, PA, USA
   Bruce Dodson
3. Centrum voor Wiskunde en Informatica, Kruislaan 413, 1098, SJ Amsterdam, The Netherlands
   R. Marije Elkenbracht-Huizing
4. Citibank, N.A., 4 Sylvan Way, 07054, Parsippany, NJ, USA
   Arjen K. Lenstra
5. 780 Las Colindas Road, 94903-2346, San Rafael, CA, USA
   Peter L. Montgomery
6. Gartenstrasse 13, 66352, Dorf im Warndt, Germany
   Jörg Zayer

Authors

1. James Cowie
2. Bruce Dodson
3. R. Marije Elkenbracht-Huizing
4. Arjen K. Lenstra
5. Peter L. Montgomery
6. Jörg Zayer

Editor information

Kwangjo Kim Tsutomu Matsumoto

Rights and permissions

Copyright information

© 1996 Springer-Verlag

About this paper

Cite this paper

Cowie, J., Dodson, B., Elkenbracht-Huizing, R.M., Lenstra, A.K., Montgomery, P.L., Zayer, J. (1996). A World Wide Number Field Sieve factoring record: On to 512 bits. In: Kim, K., Matsumoto, T. (eds) Advances in Cryptology — ASIACRYPT '96. ASIACRYPT 1996. Lecture Notes in Computer Science, vol 1163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0034863

Download citation

• .RIS
• .ENW
• .BIB
• DOI: https://doi.org/10.1007/BFb0034863
• Published: 26 June 2005
• Publisher Name: Springer, Berlin, Heidelberg
• Print ISBN: 978-3-540-61872-0
• Online ISBN: 978-3-540-70707-3
• eBook Packages: Springer Book Archive

Keywords

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Publish with us