Abstract
A main obstacle in manufacturing the TWIRL device for realizing the sieving step of the Number Field Sieve is the sophisticated chip layout. Especially the logic for logging and recovering large prime factors found during sieving adds significantly to the layout complexity. We describe a device building on the Elliptic Curve Method (ECM) that for parameters of interest enables the replacement of the complete logging part in TWIRL by an off-wafer postprocessing. The postprocessing is done in real time, leaving the total sieving time basically unchanged.
The proposed device is an optimized ECM implementation building on curves chosen to cope with factor sizes as expected in the output of TWIRL. According to our preliminary analysis, for the relation collection step expected for a 1024-bit factorization our design is realizable with current fab technology at very moderate cost. The proposed ECM engine also finds the vast majority of the needed cofactor factorizations. In summary, we think the proposed device to enable a significant decrease of TWIRL’s layout complexity and therewith its cost.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Oliver, A., Atkin, L., Morain, F.: Finding suitable curves for the elliptic curve method of factorization. Mathematics of Computation 60(201), 399–405 (1993)
Bernstein, D.J.: Circuits for Integer Factorization: a Proposal (2001), At the time of writing available electronically at: http://cr.yp.to/papers/nfscircuit.pdf
Brent, R.P.: Factorization of the tenth and eleventh Fermat Numbers. Computer Science Laboratory, Australian National Univ., Canberra, Report TR-CS-96-02:1–25 (1996)
Franke, J., Kleinjung, T., Paar, C., Pelzl, J., Priplata, C., Stahlke, C.: SHARK: A Realizable Special Hardware Sieving Device for Factoring 1024-Bit Integers. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 119–130. Springer, Heidelberg (2005)
Geiselmann, W., Köpfer, H., Steinwandt, R., Tromer, E.: Improved Routing-Based Linear Algebra for the Number Field Sieve. In: Proceedings of ITCC 2005 – Track on Embedded Cryptographic Systems. IEEE Computer Society Press, Los Alamitos (2005)
Geiselmann, W., Shamir, A., Steinwandt, R., Tromer, E.: Scalable Hardware for Sparse Systems of Linear Equations, with Applications to Integer Factorization. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 131–146. Springer, Heidelberg (2005)
Geiselmann, W., Steinwandt, R.: A Dedicated Sieving Hardware. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 254–266. Springer, Heidelberg (2002)
Geiselmann, W., Steinwandt, R.: Hardware for Solving Sparse Systems of Linear Equations over GF(2). In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 51–61. Springer, Heidelberg (2003)
Geiselmann, W., Steinwandt, R.: Yet Another Sieving Device. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 278–291. Springer, Heidelberg (2004)
Izu, T., Kunihiro, N., Ohta, K., Shimoyama, T.: Analysis on the Clockwise Transposition Routing for Dedicated Factoring Devices. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 232–242. Springer, Heidelberg (2006)
Januszewski, F.: Ein dedizierter Faktorisierungsalgorithmus auf Basis elliptischer Kurven. Diplomarbeit, Universität Karlsruhe (Germany), Fakultät für Informatik, Institut für Algorithmen und Kognitive Systeme (2005)
RSA Laboratories. The RSA Challenge Numbers, http://www.rsasecurity.com/rsalabs/node.asp?id=2093
Lenstra, A.K., Lenstra Jr., H.W. (eds.): The development of the number field sieve. Lecture Notes in Mathematics, vol. 1554. Springer, Heidelberg (1993)
Lenstra, A.K., Shamir, A., Tomlinson, J., Tromer, E.: Analysis of Bernstein’s Factorization Circuit. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 1–26. Springer, Heidelberg (2002)
Lenstra, A.K., Tromer, E., Shamir, A., Kortsmit, W., Dodson, B., Hughes, J., Leyland, P.C.: Factoring Estimates for a 1024-Bit RSA Modulus. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 55–74. Springer, Heidelberg (2003)
Lenstra, H.W.: Factoring Integers with Elliptic Curves. Annals of Mathematics 126(2), 649–673 (1987)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Montgomery, P.L.: Modular Multiplication without Trial Division. Mathematics of Computation 44(170), 519–521 (1985)
Montgomery, P.L.: Speeding up the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48, 243–264 (1987)
Pelzl, J., Šimka, M., Kleinjung, T., Franke, J., Priplata, C., Stahlke, C., Drutarovský, M., Fischer, V., Paar, C.: Area-Time Efficient Hardware Architecture for Factoring Integers with the Elliptic Curve Method. IEE Proceedings Information Security 152(1), 67–78 (2005)
Pollard, J.M.: A Monte Carlo Method for Factorization. Nordisk Tidskrift for Informationsbehandlung (BIT) 15, 331–334 (1975)
Pomerance, C.: A Tale of Two Sieves. Notices of the ACM, 1473–1485 (December 1996)
Shamir, A., Tromer, E.: Factoring Large Numbers with the TWIRL Device. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 1–26. Springer, Heidelberg (2003)
Tenca, A.F., Koç, Ç.K.: A Scalable Architecture for Modular Multiplication Based on Montgomery’s Algorithm. IEEE Trans. Comput. 52(9), 1215–1221 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Geiselmann, W., Januszewski, F., Köpfer, H., Pelzl, J., Steinwandt, R. (2006). A Simpler Sieving Device: Combining ECM and TWIRL. In: Rhee, M.S., Lee, B. (eds) Information Security and Cryptology – ICISC 2006. ICISC 2006. Lecture Notes in Computer Science, vol 4296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11927587_12
Download citation
DOI: https://doi.org/10.1007/11927587_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49112-5
Online ISBN: 978-3-540-49114-9
eBook Packages: Computer ScienceComputer Science (R0)