Remote Access Mathematics of Computation
Green Open Access

Mathematics of Computation

ISSN 1088-6842(online) ISSN 0025-5718(print)

 
 

 

Root optimization of polynomials in the number field sieve


Authors: Shi Bai, Richard P. Brent and Emmanuel Thomé
Journal: Math. Comp. 84 (2015), 2447-2457
MSC (2010): Primary 11Y05, 11Y16
DOI: https://doi.org/10.1090/S0025-5718-2015-02926-3
Published electronically: February 11, 2015
MathSciNet review: 3356034
Full-text PDF

Abstract | References | Similar Articles | Additional Information

Abstract: The general number field sieve (GNFS) is the most efficient algorithm known for factoring large integers. It consists of several stages, the first one being polynomial selection. The quality of the chosen polynomials in polynomial selection can be modelled in terms of size and root properties. In this paper, we describe some algorithms for selecting polynomials with very good root properties.


References [Enhancements On Off] (What's this?)

  • [1] Kazumaro Aoki and Hiroki Ueda, Sieving using bucket sort, Advances in cryptology--ASIACRYPT 2004, Lecture Notes in Comput. Sci., vol. 3329, Springer, Berlin, 2004, pp. 92-102. MR 2150089 (2006c:11147), https://doi.org/10.1007/978-3-540-30539-2_8
  • [2] Eric Bach and René Peralta, Asymptotic semismoothness probabilities, Math. Comp. 65 (1996), no. 216, 1701-1715. MR 1370848 (98a:11123), https://doi.org/10.1090/S0025-5718-96-00775-2
  • [3] S. Bai, C. Bouvier, A. Filbois, P. Gaudry, L. Imbert, A. Kruppa, F. Morain, E. Thomé, P. Zimmermann, CADO-NFS, an implementation of the number field sieve algorithm. Release 2.0, available from http://cado-nfs.gforge.inria.fr, 2013.
  • [4] S. Bai, E. Thomé, P. Zimmermann, Factorisation of RSA-704 with CADO-NFS. Report, 2012. http://eprint.iacr.org/2012/369.pdf.
  • [5] H. Boender, Factoring large integers with the quadratic sieve. PhD thesis, Leiden University, 1997.
  • [6] J. P. Buhler, H. W. Lenstra Jr., and Carl Pomerance, Factoring integers with the number field sieve, The development of the number field sieve, Lecture Notes in Math., vol. 1554, Springer, Berlin, 1993, pp. 50-94. MR 1321221, https://doi.org/10.1007/BFb0091539
  • [7] Willemien Ekkelkamp, Predicting the sieving effort for the number field sieve, Algorithmic number theory, Lecture Notes in Comput. Sci., vol. 5011, Springer, Berlin, 2008, pp. 167-179. MR 2467845 (2009k:11203), https://doi.org/10.1007/978-3-540-79456-1_11
  • [8] Jason E. Gower, Rotations and translations of number field sieve polynomials, Advances in cryptology--ASIACRYPT 2003, Lecture Notes in Comput. Sci., vol. 2894, Springer, Berlin, 2003, pp. 302-310. MR 2093587 (2005f:11038), https://doi.org/10.1007/978-3-540-40061-5_18
  • [9] Andrew Granville, Smooth numbers: computational number theory and beyond, Algorithmic number theory: lattices, number fields, curves and cryptography, Math. Sci. Res. Inst. Publ., vol. 44, Cambridge Univ. Press, Cambridge, 2008, pp. 267-323. MR 2467549 (2010g:11214)
  • [10] Adolf Hildebrand and Gérald Tenenbaum, Integers without large prime factors, J. Théor. Nombres Bordeaux 5 (1993), no. 2, 411-484. MR 1265913 (95d:11116)
  • [11] Thorsten Kleinjung, On polynomial selection for the general number field sieve, Math. Comp. 75 (2006), no. 256, 2037-2047 (electronic). MR 2249770 (2007f:11140), https://doi.org/10.1090/S0025-5718-06-01870-9
  • [12] T. Kleinjung, Polynomial selection. In CADO workshop on integer factorization, INRIA Nancy, 2008.
    http://cado.gforge.inria.fr/workshop/slides/kleinjung.pdf.
  • [13] Thorsten Kleinjung, Kazumaro Aoki, Jens Franke, Arjen K. Lenstra, Emmanuel Thomé, Joppe W. Bos, Pierrick Gaudry, Alexander Kruppa, Peter L. Montgomery, Dag Arne Osvik, Herman te Riele, Andrey Timofeev, and Paul Zimmermann, Factorization of a 768-bit RSA modulus, Advances in cryptology--CRYPTO 2010, Lecture Notes in Comput. Sci., vol. 6223, Springer, Berlin, 2010, pp. 333-350. MR 2725602, https://doi.org/10.1007/978-3-642-14623-7_18
  • [14] A. K. Lenstra and H. W. Lenstra, Jr., editors,
    The Development of the Number Field Sieve, volume 1554, Lecture Notes in Mathematics,
    Springer, 1993.
  • [15] Michael A. Morrison and John Brillhart, A method of factoring and the factorization of $ F_{7}$, Math. Comp. 29 (1975), 183-205. MR 0371800 (51 #8017)
  • [16] Brian Murphy, Modelling the yield of number field sieve polynomials, Algorithmic number theory (Portland, OR, 1998) Lecture Notes in Comput. Sci., vol. 1423, Springer, Berlin, 1998, pp. 137-150. MR 1726067 (2001d:11029), https://doi.org/10.1007/BFb0054858
  • [17] B. A. Murphy, Polynomial selection for the number field sieve integer factorisation algorithm, PhD thesis, The Australian National University, 1999.
  • [18] Brian Murphy and Richard P. Brent, On quadratic polynomials for the number field sieve, Computing theory '98 (Perth), Aust. Comput. Sci. Commun., vol. 20, Springer, Singapore, 1998, pp. 199-213. MR 1723947 (2000i:11189)
  • [19] J. M. Pollard, The lattice sieve, The development of the number field sieve, Lecture Notes in Math., vol. 1554, Springer, Berlin, 1993, pp. 43-49. MR 1321220, https://doi.org/10.1007/BFb0091538
  • [20] Carl Pomerance and Samuel S. Wagstaff Jr., Implementation of the continued fraction integer factoring algorithm, Congr. Numer. 37 (1983), 99-118. MR 703581 (85c:11124)
  • [21] C. Stahlke and T. Kleinjung, Ideas for Finding Better Polynomials to Use in GNFS. In Workshop on Factoring Large Numbers, Discrete Logarithms and Cryptanalytical Hardware, Institut für Experimentelle Mathematik, Universität Duisburg-Essen, 2008.

Similar Articles

Retrieve articles in Mathematics of Computation with MSC (2010): 11Y05, 11Y16

Retrieve articles in all journals with MSC (2010): 11Y05, 11Y16


Additional Information

Shi Bai
Affiliation: Department of Mathematics, University of Auckland, Auckland, New Zealand.
Email: shih.bai@gmail.com

Richard P. Brent
Affiliation: Mathematical Sciences Institute, Australian National University, Australia.
Email: nfs@rpbrent.com

Emmanuel Thomé
Affiliation: INRIA Nancy, Villers-lès-Nancy, France.
Email: emmanuel.thome@inria.fr

DOI: https://doi.org/10.1090/S0025-5718-2015-02926-3
Received by editor(s): June 14, 2013
Received by editor(s) in revised form: October 30, 2013, and December 7, 2013
Published electronically: February 11, 2015
Article copyright: © Copyright 2015 American Mathematical Society

American Mathematical Society