Abstract
We present an algorithm for factoring integers of the form \( N = p^r q \) for large \( r \). Such integers were previously proposed for various cryptographic applications. When \( r \approx \log p \) our algorithm runs in polynomial time (in \( \log N \)). Hence, we obtain a new class of integers that can be efficiently factored. When \( r \approx \sqrt{\log p} \) the algorithm is asymptotically faster than the Elliptic Curve Method. Our results suggest that integers of the form \( N = p^r q \) should be used with care. This is especially true when \( r \) is large, namely \( r \) greater than \( \sqrt{\log p} \).
Supported in part by NSF CCR-9732754.
Supported by Certicom.
© 1999 Springer-Verlag Berlin Heidelberg
Cite this paper
Boneh, D., Durfee, G., Howgrave-Graham, N. (1999). Factoring \( N = p^r q \) for Large \( r \). In: Wiener, M. (eds) Advances in Cryptology — CRYPTO’ 99. CRYPTO 1999. Lecture Notes in Computer Science, vol 1666. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48405-1_21
DOI: https://doi.org/10.1007/3-540-48405-1_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66347-8
Online ISBN: 978-3-540-48405-9
eBook Packages: Springer Book Archive