Advertisement

Yet Another Sieving Device

  • Willi Geiselmann
  • Rainer Steinwandt
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2964)

Abstract

A compact mesh architecture for supporting the relation collection step of the number field sieve is described. Differing from TWIRL, only isolated chips without inter-chip communication are used. According to a preliminary analysis for 768-bit numbers, with a 0.13 μm process one mesh-based device fits on a single chip of ≈(4.9 cm)2—the largest proposed chips in the TWIRL cluster for 768-bit occupy ≈(6.7 cm)2.

A 300 mm silicon wafer filled with the mesh-based devices is ≈ 6.3 times slower than a wafer with TWIRL clusters, but due to the moderate chip size, lack of inter-chip communication, and the comparatively regular structure, from a practical point of view the mesh-based approach might be as attractive as TWIRL.

Keywords

factorization number field sieve RSA 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [BCP97]
    Bosma, W., Cannon, J., Playoust, C.: The Magma Algebra System I: The User Language. Journal of Symbolic Computation 24, 235–265 (1997)zbMATHCrossRefMathSciNetGoogle Scholar
  2. [Ber01]
    Bernstein, D.J.: Circuits for Integer Factorization: a Proposal (2001), At the time of writing available electronically at http://cr.yp.to/papers.html#nfscircuit
  3. [GS03a]
    Geiselmann, W., Steinwandt, R.: A Dedicated Sieving Hardware. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 254–266. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. [GS03b]
    Geiselmann, W., Steinwandt, R.: Hardware to Solve Sparse Systems of Linear Equations over GF(2). In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 51–61. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. [GS03c]
    Geiselmann, W., Steinwandt, R.: Yet Another Sieving Device (extended version). Cryptology ePrint Archive: Report 2003/202 (2003), At the time of writing available at http://eprint.iacr.org/2003/202/
  6. [LHWL93]
    Shamir, A., Tromer, E.: Factoring Large Numbers with the TWIRL Device. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 1–26. Springer, Heidelberg (2003)zbMATHGoogle Scholar
  7. [LS00]
    Lenstra, A.K., Shamir, A.: Analysis and Optimization of the TWINKLE Factoring Device. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 35–52. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. [LSTT02]
    Lenstra, A.K., Shamir, A., Tomlinson, J., Tromer, E.: Analysis of Bernstein’s Factorization Circuit. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 1–26. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. [Sha99]
    Shamir, A.: Factoring Large Numbers with the TWINKLE Device. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 2–12. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  10. [ST03]
    Shamir, A., Tromer, E.: Factoring Large Numbers with the TWIRL Device. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 1–26. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Willi Geiselmann
    • 1
  • Rainer Steinwandt
    • 1
  1. 1.IAKS, Arbeitsgruppe Systemsicherheit, Prof. Dr. Th. Beth, Fakultät für InformatikUniversität KarlsruheKarlsruheGermany

Personalised recommendations