Factoring by electronic mail

  • Arjen K. Lenstra
  • Mark S. Manasse
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 434)

Abstract

In this paper we describe our distributed implementation of two factoring algorithms, the elliptic curve method (ecm) and the multiple polynomial quadratic sieve algorithm (mpqs).

Since the summer of 1987, our ecm-implementation on a network of MicroVAX processors at DEC’s Systems Research Center has factored several most and more wanted numbers from the Cunningham project. In the summer of 1988, we implemented the multiple polynomial quadratic sieve algorithm on the same network. On this network alone, we are now able to factor any 100 digit integer, or to find 35 digit factors of numbers up to 150 digits long within one month.

To allow an even wider distribution of our programs we made use of electronic mail networks for the distribution of the programs and for inter-processor communication. Even during the initial stage of this experiment, machines all over the United States and at various places in Europe and Australia contributed 15 percent of the total factorization effort.

At all the sites where our program is running we only use cycles that would otherwise have been idle. This shows that the enormous computational task of factoring 100 digit integers with the current algorithms can be completed almost for free. Since we use a negligible fraction of the idle cycles of all the machines on the worldwide electronic mail networks, we could factor 100 digit integers within a few days with a little more help.

References

  1. 1.
    L. Adleman, “The theory of computer viruses,” Proceedings Crypto 88, 1988.Google Scholar
  2. 2.
    E. Bach. J. Shallit. “Factoring with cyclotomic polynomials,” Proceedings 26th FOCS, 1985, pp 443–450.Google Scholar
  3. 3.
    G. Brassard, Modern Cryptology, Lecture Notes in Computer Science, vol. 325, 1988, Springer Verlag.MATHGoogle Scholar
  4. 4.
    R.P. Brent, “Some integer factorization algorithms using elliptic curves,” Australian Computer Science Communications v. 8, 1986, pp 149–163.Google Scholar
  5. 5.
    R.P. Brent, G.L. Cohen, “A new lower bound for odd perfect numbers,” Math. Comp., to appear.Google Scholar
  6. 6.
    J. Brillhart, D.H. Lehmer, J.L. Selfridge, B. Tuckerman, S.S. Wagstaff, Jr., Factorizations of b n ± 1, b = 2, 3, 5, 6, 7, 10, 11, 12 up to high powers, second edition, Contemporary Mathematics, vol. 22, Providence: A.M.S., 1988.Google Scholar
  7. 7.
    T.R. Caron, R.D. Silverman, “Parallel implementation of the quadratic sieve,” J. Supercomputing, v. 1, 1988, pp 273–290.CrossRefGoogle Scholar
  8. 8.
    A.J.C. Cunningham, H.J. Woodall, Factorisation of (y n ∓1). y = 2, 3, 5, 6, 7, 10, 11, 12 up to high powers (n), London: Hodgson (1925).Google Scholar
  9. 9.
    J.A. Davis, D.B. Holdridge. “Factorization using the quadratic sieve algorithm,” Sandia National Laboratories Tech Rpt. SAND 83-1346, December 1983.Google Scholar
  10. 10.
    P.J. Denning, “The Science of Computing: Computer Viruses,” American Scientist, v. 76, May–June 1988.Google Scholar
  11. 11.
    A.K. Lenstra, H.W. Lenstra, Jr, “Algorithms in number theory,” in: J. van Leeuwen, A. Meyer, M. Nivat, M. Paterson, D. Perrin (eds.), Handbook of theoretical computer science, to appear; report 87-8, The University of Chicago, Department of Computer Science, May 1987.Google Scholar
  12. 12.
    A.K. Lenstra, M.S. Manasse, “Compact incremental Gaussian elimination over Z/2Z,” report 88-16, The University of Chicago, Department of Computer Science, October 1988.Google Scholar
  13. 13.
    H.W. Lenstra, Jr., “Factoring integers with elliptic curves,” Ann. of Math., v. 126, 1987, pp. 649–673.CrossRefMathSciNetGoogle Scholar
  14. 14.
    P.L. Montgomery, “Modular multiplication without trial division,” Math. Comp., v. 44, 1985, pp 519–521.MATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    P.L. Montgomery, “Speeding the Pollard and elliptic curve methods of factorization,” Math. Comp., v. 48, 1987, pp 243–264.MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    P.L. Montgomery, R.D. Silverman, “An FFT extension to the p-1 factoring algorithm,” manuscript, 1988.Google Scholar
  17. 17.
    A.M. Odlyzko, “Discrete logarithms and their cryptographic significance,” pp. 224–314; in: T. Beth, N. Cot, I. Ingemarsson (eds), Advances in cryptology, Springer Lecture Notes in Computer Science, vol. 209, 1985.CrossRefGoogle Scholar
  18. 18.
    J.M. Pollard, “A Monte Carlo method for factorization,” BIT, v. 15, 1975, pp 331–334.MATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    C. Pomerance, “Analysis and comparison of some integer factoring algorithms,” pp. 89–139; in: H.W. Lenstra, Jr., R. Tijdeman (eds), Computational methods in number theory, Mathematical Centre Tracts 154, 155, Mathematisch Centrum, Amsterdam, 1982.Google Scholar
  20. 20.
    C. Pomerance, J.W. Smith, R. Tuler, “A pipeline architecture for factoring large integers with the quadratic sieve algorithm,” SIAM J. Comput., v. 17, 1988, pp. 387–403.MATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    H.J.J. te Riele, W.M. Lioen, D.T. Winter, “Factoring with the quadratic sieve on large vector computers,” report NM-R8805, 1988, Centrum voor Wiskunde en Informatica, Amsterdam.Google Scholar
  22. 22.
    R.L. Rivest, A. Shamir, L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM., v. 21, 1978, pp. 120–126.MATHCrossRefMathSciNetGoogle Scholar
  23. 23.
    E. Roberts, J. Ellis, “parmake and dp: Experience with a distributed, parallel implementation of make,” Proceedings from the Second Workshop on Large-Grained Parallelism, Software Engineering Institute, Carnegie-Mellon University, Report CMU/SEI-87-SR-5, November 1987.Google Scholar
  24. 24.
    R.D. Silverman, “The multiple polynomial quadratic sieve,” Math. Comp., v. 48, 1987, pp. 329–339.MATHCrossRefMathSciNetGoogle Scholar
  25. 25.
    K. Thompson, “Reflections on Trusting Trust,” Commun. ACM, v. 27, 1984, pp. 172–80.CrossRefGoogle Scholar
  26. 26.
    D.H. Wiedemann, “Solving sparse linear equations over finite fields,” IEEE Transactions on Information Theory, v. 32, 1986, pp. 54–62.MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Arjen K. Lenstra
    • 1
  • Mark S. Manasse
    • 2
  1. 1.Department of Computer ScienceThe University of ChicagoChicago
  2. 2.DEC Systems Research CenterPalo Alto

Personalised recommendations