Abstract
We describe a hardware device for supporting the sieving step in integer factoring algorithms like the quadratic sieve or the number field sieve. In analogy to Bernstein's proposal for speeding up the linear algebra step, we rely on a mesh of very simple processing units. Manufacturing the device at moderate cost with current hardware technology on standard wafers with 200 mm or 300 mm diameter should not provide any major obstacle.
A preliminary analysis of the parameters for factoring a 512-bit number with the number field sieve shows that the design considered here might outperform a TWINKLE device.
Chapter PDF
Similar content being viewed by others
References
Daniel J. Bernstein. Circuits for Integer Factorization: a Proposal. At the time of writing available electronically at http://cr.yp.to/papers.html#nfscircuit, 2001. 254, 256, 257
Stefania Cavallar, Bruce Dodson, Arjen K. Lenstra, Walter Lioen, Peter L. Montgomery, Brian Murphy, Hermante Riele, Karen Aardal, Je. Gilchrist, Gérard Guillerm, Paul Leyland, Joël Marchand, François Morain, Alec Muffet, Chris Putnam, Craig Putnam, and Paul Zimmermann. Factorization of a 512-bit RSA Modulus. In Bart Preneel, editor, Advances in Cryptology — EUROCRYPT 2000, volume 1807 of Lecture Notes in Computer Science, pages 1–18. Springer, 2000. 255, 262
Marije Elkenbracht-Huizing. An Implementation of the Number Field Sieve. Experimental Mathematics, 5(3):231–253, 1996. 256
Arjen K. Lenstra and Jr. Hendrik W. Lenstra, editors. The development of the number field sieve, volume 1554 of Lecture Notes in Mathematics. Springer, 1993. 255
Arjen K. Lenstra and Adi Shamir. Analysis and Optimization of the TWINKLE Factoring Device. In Bart Preneel, editor, Advances in Cryptology — EUROCRYPT 2000, volume 1807 of Lecture Notes in Computer Science, pages 35–52. Springer, 2000. 254, 255, 256, 261
Arjen K. Lenstra, Adi Shamir, Jim Tomlinson, and Eran Tromer. Analysis of Bernstein’s Factorization Circuit. At the time of writing available electronically at http://www.cryptosavvy.com/mesh.pdf, 2002. 254, 255, 261
Carl Pomerance. A Tale of Two Sieves. Notices of the AMS, 43(12):1473–1485, 1996. 254
Carl Pomerance, J. W. Smith, and Randy Tuler. A pipeline architecture for factoring large integers with the quadratic sieve algorithm. SIAM Journal on Computing, 17:387–403, 1988. 254
Manfred Schimmler. Fast sorting on the instruction systolic array. Technical Report 8709, Christian Albrecht Universität Kiel, Germany, 1987. 256
Adi Shamir. Factoring Large Numbers with the TWINKLE Device. In Çetin K. Koç and Christof Paar, editors, Cryptographic Hardware and Embedded Systems. First International Workshop, CHES’99, volume 1717 of Lecture Notes in Computer Science, pages 2–12. Springer, 1999. 254
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Geiselmann, W., Steinwandt, R. (2003). A Dedicated Sieving Hardware. In: Desmedt, Y.G. (eds) Public Key Cryptography — PKC 2003. PKC 2003. Lecture Notes in Computer Science, vol 2567. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36288-6_19
Download citation
DOI: https://doi.org/10.1007/3-540-36288-6_19
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00324-3
Online ISBN: 978-3-540-36288-3
eBook Packages: Springer Book Archive