Designs, Codes and Cryptography

, Volume 19, Issue 2–3, pp 101–128 | Cite as

Integer Factoring

  • Arjen K. Lenstra
Article

Abstract

Using simple examples and informal discussions this article surveys the key ideas and major advances of the last quarter century in integer factorization.

Integer factorization quadratic sieve number field sieve elliptic curve method Morrison– Brillhart Approach 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    L. M. Adleman, Factoring numbers using singular integers, Proc. 23rd Annual ACM Symp. on Theory of Computing (STOC), New Orleans, (May 6–8, 1991) pp. 64–71.Google Scholar
  2. 2.
    W. R. Alford, A. Granville, and C. Pomerance, There are infinitely many Carmichael numbers, Ann. of Math, Vol. 140 (1994) pp. 703–722.Google Scholar
  3. 3.
    W. R. Alford, A. Granville, and C. Pomerance, On the difficulty of finding reliable witnesses, ANTS'94, Lecture Notes in Comput. Sci., 877 (1994) pp. 1–16.Google Scholar
  4. 4.
    D. Atkins, M. Graff, A. K. Lenstra, and P. C. Leyland, The magic words are squeamish ossifrage, Advances in Cryptology, Asiacrypt'94, Lecture Notes in Comput. Sci., 917 (1995) pp. 265–277.Google Scholar
  5. 5.
    D. J. Bernstein, The multiple-lattice number field sieve, Chapter 3 of Ph.D. thesis; ftp://koobera.math.uic.edu/pub/papers/mlnfs.dvi.Google Scholar
  6. 6.
    W. Bosma and A. K. Lenstra, An implementation of the elliptic curve integer factorization method, Computational Algebra and Number Theory (W. Bosma and A. van der Poorten, eds.), Kluwer Academic Publishers, Dordrecht, Boston, London (1995) pp. 119–136.Google Scholar
  7. 7.
    R. P. Brent, Factorization of the tenth and eleventh Fermat Numbers, manuscript (1996).Google Scholar
  8. 8.
    R. P. Brent and J. M. Pollard, Factorization of the eighth Fermat number, Math. Comp., Vol. 36 (1981) pp. 627–630.Google Scholar
  9. 9.
    J. Buchmann, J. Loho, and J. Zayer, An implementation of the general number field sieve, Advances in Cryptology, Crypto '93, Lecture Notes in Comput. Sci, 773 (1994) pp. 159–165.Google Scholar
  10. 10.
    E. R. Canfield, P. Erdös, and C. Pomerance, On a problem of Oppenheim concerning "Factorisatio Numerorum," J. Number Theory, Vol. 17 (1983) pp. 1–28.Google Scholar
  11. 11.
    H. Cohen, A course in computational number theory, Graduate Texts in Mathematics, Vol. 138, Springer-Verlag, Berlin (1993).Google Scholar
  12. 12.
    S. Contini and A. K. Lenstra, Implementations of blocked Lanczos and Wiedemann algorithms, manuscript.Google Scholar
  13. 13.
    J. Cowie, B. Dodson, R. M. Elkenbracht-Huizing, A. K. Lenstra, P. L. Montgomery, and J. Zayer, A World Wide Number Field Sieve factoring record: on to 512 bits, Advances in Cryptography, Asiacrypt '96, Lecture Notes in Computer Science, 1163 (1996) pp. 382–394.Google Scholar
  14. 14.
    J. A. Davis and D. B. Holdridge, Factorization using the quadratic sieve algorithm, Tech. Report SAND 83–1346, Sandia National Laboratories, Albuquerque, NM (1983).Google Scholar
  15. 15.
    N. G. de Bruijn, On the number of positive integers ≤ x and free of prime factors > y, II, Indag. Math., Vol. 38 (1966) pp. 239–247.Google Scholar
  16. 16.
    M. Deleglise and J. Rivat, Computing π(x): the Meissel, Lehmer, Lagarias, Miller, Odlyzko method, Math. Comp., Vol. 65 (1996) pp. 235–245.Google Scholar
  17. 17.
    T. Denny, B. Dodson, A. K. Lenstra, and M. S. Manasse, On the factorization of RSA-120, Advances in Cryptology, Crypto '93, Lecture Notes in Comput. Sci., 773 (1994) pp. 166–174.Google Scholar
  18. 18.
    B. Dodson and A. K. Lenstra, NFS with four large primes: an explosive experiment, Advances in Cryptology, Crypto '95, Lecture Notes in Comput. Sci., 963 (1995) pp. 372–385.Google Scholar
  19. 19.
    R. M. Elkenbracht-Huizing, An implementation of the number field sieve, Technical Report NM-R9511, Centrum voor Wiskunde en Informatica, Amsterdam, 1995; to appear in Experimental Mathematics.Google Scholar
  20. 20.
    R. M. Elkenbracht-Huizing, A multiple polynomial general number field sieve, Preproceedings ANTS II (H. Cohen, ed.), Universit´e de Bordeaux (1996) pp. 101–116.Google Scholar
  21. 21.
    M. Gardner, Mathematical games, A new kind of cipher that would take millions of years to break, Scientific American (August 1977) pp. 120–124.Google Scholar
  22. 22.
    J. Gillogly, A. K. Lenstra, P. C. Leyland, and A. Muffett, An unnoticed factoring attack on a PGP key, presented at Crypto '95 rump session.Google Scholar
  23. 23.
    R. Golliver, A. K. Lenstra, and K. McCurley, Lattice sieving and trial division, ANTS'94, Lecture Notes in Comput. Sci., 877 (1994) pp. 18–27.Google Scholar
  24. 24.
    G. H. Hardy and W. M. Wright, An Introduction to the Theory of Numbers, 5th ed., Oxford University Press, Oxford (1979).Google Scholar
  25. 25.
    D. E. Knuth, Art of computer programming, volume 2, Seminumerical Algorithms, 2nd ed., Addison-Wesley, Reading, Massachusetts (1981).Google Scholar
  26. 26.
    M. Kraïtchik, Theorie de Nombres, II, Gauthiers-Villars, Paris (1926) pp. 195–208.Google Scholar
  27. 27.
    J. C. Lagarias, V. S. Miller, and A. M. Odlyzko, Computing π(x): The Meissel-Lehmer Method, Math. Comp., Vol. 44 (1985) pp. 537–560.Google Scholar
  28. 28.
    B. A. LaMacchia and A. M. Odlyzko, Solving large sparse linear systems over finite fields, Advances in Cryptology, Crypto'90, Lecture Notes in Comput. Sci., 537 (1991) pp. 109–133.Google Scholar
  29. 29.
    A. K. Lenstra and H. W. Lenstra, Jr., Algorithms in number theory, Chapter 12 in Handbook of Theoretical Computer Science, Volume A, Algorithms and Complexity (J. van Leeuwen, ed.), Elsevier, Amsterdam (1990).Google Scholar
  30. 30.
    A. K. Lenstra and H. W. Lenstra, Jr., The development of the number field sieve, Lecture Notes in Math., Springer-Verlag, Berlin, 1554 (1993).Google Scholar
  31. 31.
    A. K. Lenstra, H. W. Lenstra, Jr., M. S. Manasse, and J. M. Pollard, The factorization of the ninth Fermat number, Math. Comp., Vol. 61 (1993) pp. 319–349.Google Scholar
  32. 32.
    A. K. Lenstra and M. S. Manasse, Factoring by electronic mail, Advances in Cryptology, Eurocrypt '89, Lecture Notes in Comput. Sci., 434 (1990) pp. 355–371.Google Scholar
  33. 33.
    A. K. Lenstra and M. S. Manasse, Factoring with two large primes, Advances in Cryptology, Eurocrypt '90, Lecture Notes in Comput. Sci., 473 (1990) pp. 72–82; Math. Comp., Vol. 63 (1994) pp. 785–798.Google Scholar
  34. 34.
    H. W. Lenstra, Jr., Factoring integers with elliptic curves, Ann. of Math, Vol. 126 (1987) pp. 649–673.Google Scholar
  35. 35.
    H. W. Lenstra, Jr., and C. Pomerance, A rigorous time bound for factoring integers, J. Amer. Math. Soc., Vol. 5 (1992) pp. 483–516.Google Scholar
  36. 36.
    H. W. Lenstra, Jr. and R. Tijdeman (eds.), Computational methods in number theory, Math. Centre Tracts, Vol. 154/155, Mathematisch Centrum, Amsterdam (1983).Google Scholar
  37. 37.
    P. C. Leyland, Multiple polynomial quadratic sieve, sans math, ftp://ftp.ox.ac.uk/pub/math/rsa129/ mpqs sans math.Z (1994).Google Scholar
  38. 38.
    L. Monier, Evaluation and comparison of two efficient probabilistic primality testing algorithms, Theor. Comp. Science, Vol. 11 (1980) pp. 97–108.Google Scholar
  39. 39.
    P. L. Montgomery, Speeding the Pollard and elliptic curve methods of factorization, Math. Comp., Vol. 48 (1987) pp. 243–264.Google Scholar
  40. 40.
    P. L. Montgomery, Square roots of products of algebraic numbers, Proceedings of Symposia in Applied Mathematics (Walter Gautschi, ed.), Mathematics of Computation 1943–1993, Vancouver (1993).Google Scholar
  41. 41.
    P. L. Montgomery, A block Lanczos algorithm for finding dependencies over GF(2), Advances in Cryptology, Eurocrypt'95, Lecture Notes in Comput. Sci., 921 (1995) pp. 106–120.Google Scholar
  42. 42.
    M. A. Morrison and J. Brillhart, A method of factoring and the factorization of F 7, Math. Comp., Vol. 29 (1975) pp. 183–205.Google Scholar
  43. 43.
    J. M. Pollard, Theorems on factorization and primality testing, Proc. Cambridge Philos. Soc., Vol. 76 (1974) pp. 521–528.Google Scholar
  44. 44.
    J. M. Pollard, A Monte Carlo method for factorization, BIT, Vol. 15 (1975) pp. 331–334.Google Scholar
  45. 45.
    J. M. Pollard, The lattice sieve, Lecture Notes in Math., Springer-Verlag, Berlin, 1554 (1993) pp. 43–49.Google Scholar
  46. 46.
    C. Pomerance, Analysis and comparison of some integer factoring algorithms, Computational methods in number theory, Math. Centre Tracts, Vol. 154/155, Mathematisch Centrum, Amsterdam (1983) pp. 89–139.Google Scholar
  47. 47.
    C. Pomerance, Private communication (March 1996).Google Scholar
  48. 48.
    C. Pomerance and J. W. Smith, Reduction of huge, sparse matrices over finite fields via created catastrophes, Experiment. Math., Vol. 1 (1992) pp. 89–94.Google Scholar
  49. 49.
    M. O. Rabin, Probabilistic algorithms for primality testing, J. Number Theory, Vol. 12 (1980) pp. 128–138.Google Scholar
  50. 50.
    H. Riesel, Prime numbers and computer methods for factorization. Progr. Math., Vol. 57, Birkhäuser, Boston (1985).Google Scholar
  51. 51.
    R. L. Rivest, A. Shamir and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Comm. ACM, Vol. 21 (1978) pp. 120–126.Google Scholar
  52. 52.
    R. Schoof, Quadratic fields and factorization, Computational methods in number theory, Math. Centre Tracts, Vol. 154/155, Mathematisch Centrum, Amsterdam (1983) pp. 235–286.Google Scholar
  53. 53.
    D. Shanks, Class number, a theory of factorization, and genera, Proc. Symp. Pure Math., Vol. XX, AMS (1971) pp. 415–440.Google Scholar
  54. 54.
    R. D. Silverman, The multiple polynomial quadratic sieve, Math. Comp., Vol. 84 (1987) pp. 327–339.Google Scholar

Copyright information

© Kluwer Academic Publishers 2000

Authors and Affiliations

  • Arjen K. Lenstra
    • 1
  1. 1.MorristownU.S.A.

Personalised recommendations