integer factorization exercise for the reader a progress
play

Integer factorization: Exercise for the reader: a progress report - PowerPoint PPT Presentation

Jan 21, 2024 •43 likes •593 views

Integer factorization: Exercise for the reader: a progress report Find a nontrivial factor of 6366223796340423057152171586. D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation rization:

  1. Integer factorization: Exercise for the reader: a progress report Find a nontrivial factor of 6366223796340423057152171586. D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS–0140542 Alfred P. Sloan Foundation

  2. rization: Exercise for the reader: Exercise for the reader: rt Find a nontrivial factor of Find a nontrivial facto 6366223796340423057152171586. 6366223796340423057152171586. Small prime factors are easy to find. Illinois at Chicago DMS–0140542 Larger primes are ha Foundation “Elliptic-curve metho scales surprisingly (1987 Lenstra) ECM has found a p (2005 Dodson; rather � 10 12 Opteron 3 www.loria.fr/~zimmerma/records

  3. Exercise for the reader: Exercise for the reader: Find a nontrivial factor of Find a nontrivial factor of 6366223796340423057152171586. 6366223796340423057152171586. Small prime factors are easy to find. Larger primes are harder. “Elliptic-curve method” (ECM) scales surprisingly well. (1987 Lenstra) 2 219 . ECM has found a prime (2005 Dodson; rather lucky; � 10 12 Opteron cycles) 3 www.loria.fr/~zimmerma/records/p66

  4. � reader: Exercise for the reader: For worst-case integers nontrivial factor of Find a nontrivial factor of two very large prime 6366223796340423057152171586. 6366223796340423057152171586. ECM does not scale “number-field sieve” Small prime factors (1988 Pollard, et al.) are easy to find. Latest record: NFS Larger primes are harder. two prime factors “Elliptic-curve method” (ECM) of “RSA-200” challenge. scales surprisingly well. Bahr Boehm Frank � 10 18 Opteron (1987 Lenstra) 5 2 219 . ECM has found a prime How much more difficult (2005 Dodson; rather lucky; is it to find prime facto � 10 12 Opteron cycles) 3 of an integer 2 www.loria.fr/~zimmerma/records/p66 www.loria.fr/~zimmerma/records

  5. � Exercise for the reader: For worst-case integers with Find a nontrivial factor of two very large prime factors, 6366223796340423057152171586. ECM does not scale as well as “number-field sieve” (NFS). Small prime factors (1988 Pollard, et al.) are easy to find. Latest record: NFS has found Larger primes are harder. 2 332 two prime factors “Elliptic-curve method” (ECM) of “RSA-200” challenge. (2005 scales surprisingly well. Bahr Boehm Franke Kleinjung; � 10 18 Opteron cycles) (1987 Lenstra) 5 2 219 . ECM has found a prime How much more difficult 2 512 (2005 Dodson; rather lucky; is it to find prime factors � 10 12 Opteron cycles) 3 2 1024 ? of an integer www.loria.fr/~zimmerma/records/p66 www.loria.fr/~zimmerma/records/rsa200

  6. � � � ✁ � � � ✁ ✁ ✂ ✂ ✂ ✁ � � � ✄ � ✁ ✄ ☎ ✄ � � � � � ✄ ☎ ✄ � � � reader: For worst-case integers with NFS step 1: find attractive nontrivial factor of two very large prime factors, NFS tries to factor 6366223796340423057152171586. ECM does not scale as well as inspecting values of “number-field sieve” (NFS). factors Select integer (1988 Pollard, et al.) find integers 5 4 Latest record: NFS has found 5 + re harder. with = 5 2 332 two prime factors for various integers method” (ECM) of “RSA-200” challenge. (2005 ✄ 5 + 4 ( )( 5 risingly well. Bahr Boehm Franke Kleinjung; � 10 18 Opteron cycles) Practically every choice 5 will succeed in facto 2 219 . a prime How much more difficult Better speed from 2 512 rather lucky; is it to find prime factors ✄ 5 + 4 ( )( 5 Opteron cycles) 2 1024 ? of an integer www.loria.fr/~zimmerma/records/p66 www.loria.fr/~zimmerma/records/rsa200

  7. ✂ � ✁ ✁ ✂ ✂ � ✁ � � ✄ � ✁ ✄ ☎ � � ✄ ☎ � � ✁ For worst-case integers with NFS step 1: find attractive ’s two very large prime factors, NFS tries to factor by ECM does not scale as well as inspecting values of a polynomial. “number-field sieve” (NFS). � 6 � 5 ]; � 1 � 1 Select integer [ (1988 Pollard, et al.) find integers 5 4 0 Latest record: NFS has found 5 + 4 + � + with = 0 ; 5 4 2 332 two prime factors for various integers inspect of “RSA-200” challenge. (2005 ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5 Bahr Boehm Franke Kleinjung; � 10 18 Opteron cycles) Practically every choice of 5 � . will succeed in factoring How much more difficult Better speed from smaller values 2 512 is it to find prime factors ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5 2 1024 ? of an integer www.loria.fr/~zimmerma/records/rsa200

  8. ✄ ☎ ✂ ✂ ✂ ✁ � � � ✄ ✁ ☎ � � ✄ � ✁ � � � ✄ ☎ � � � ✄ ✁ ✄ ☎ ✄ ✁ ✄ � ✁ � � integers with NFS step 1: find attractive ’s e.g. = 314159265358979323: rime factors, Can choose = 1000, NFS tries to factor by scale as well as 5 = 314, 4 = 159, inspecting values of a polynomial. sieve” (NFS). 2 = 358, 1 = 979, � 6 � 5 ]; � 1 � 1 Select integer [ et al.) NFS succeeds in facto find integers 5 4 0 NFS has found by inspecting values 5 + 4 + � + with = 0 ; 5 4 2 332 ✄ 5 rs ( 1000 )(314 for various integers inspect challenge. (2005 for various integer ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5 ranke Kleinjung; But NFS succeeds Practically every choice of Opteron cycles) using = 1370, insp � . will succeed in factoring ✄ 5 + difficult ( 1370 )(65 Better speed from smaller values ✄ 3 2 + 377 ✄ 2 3 + 2 512 rime factors 38 ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5 2 1024 ? www.loria.fr/~zimmerma/records/rsa200

  9. � � � ✄ ✄ ☎ ✄ � � � ✄ � ☎ ✄ ✄ ☎ ☎ ✄ � � � � ✁ ✁ ✂ ✁ � ✁ ✂ ✂ ✁ NFS step 1: find attractive ’s e.g. = 314159265358979323: Can choose = 1000, NFS tries to factor by 5 = 314, 4 = 159, 3 = 265, inspecting values of a polynomial. 2 = 358, 1 = 979, 0 = 323. � 6 � 5 ]; � 1 � 1 Select integer [ NFS succeeds in factoring find integers 5 4 0 by inspecting values 5 + 4 + � + with = 0 ; 5 4 ✄ 5 + � + 323 5 ) ( 1000 )(314 for various integers inspect ✁ ). for various integer pairs ( ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5 But NFS succeeds more quickly Practically every choice of using = 1370, inspecting � . will succeed in factoring ✄ 5 + 130 ✄ 4 + ( 1370 )(65 Better speed from smaller values ✄ 3 2 + 377 ✄ 2 3 + 127 4 + 33 5 ). 38 ✄ 5 + 4 ✄ 4 + � + 0 5 ). ( )( 5

  10. ✄ � ✂ ☎ ✄ ✂ � � ✂ � � ✂ � ✄ ☎ ✄ � � � ✁ ✂ ☎ � ✄ � � ✁ ✂ ✄ ☎ ✁ ✄ � � � ✂ ✂ ✄ ✂ � ✁ � � � ✁ ✂ ✂ ✂ ✁ ✁ ✁ ✁ � ✄ ✁ ✁ ✄ ☎ ✄ ✂ ✂ � � attractive ’s e.g. = 314159265358979323: NFS step 1: Consider, 2 45 possible choices Can choose = 1000, factor by 5 = 314, 4 = 159, 3 = 265, Quickly identify, e.g., values of a polynomial. 2 25 attractive candidates. 2 = 358, 1 = 979, 0 = 323. � 6 � 5 ]; � 1 � 1 [ NFS succeeds in factoring Will choose one 4 0 by inspecting values 4 + � + + 0 ; If and 4 ✄ 5 + � + 323 5 ) ( 1000 )(314 ✄ 5 + ✂ ( integers inspect )( 5 ✁ ). for various integer pairs ( ✄ 4 + 6 where � + 0 5 ). ( ) 4 ✁ 1 + )( 5 But NFS succeeds more quickly ( 5 choice of using = 1370, inspecting � . factoring Attractive : small ✄ 5 + 130 ✄ 4 + ( 1370 )(65 from smaller values (1999 Murphy) ✄ 3 2 + 377 ✄ 2 3 + 127 4 + 33 5 ). 38 ✄ 4 + � + 0 5 ). 4

  11. � ✂ ✄ � ☎ ✄ � � ✂ ✄ ☎ ✄ � � � � ✂ ✄ � ✁ ✁ ✂ ✂ ✂ � ✂ ☎ ✂ ✂ � ✁ ✁ ✄ � e.g. = 314159265358979323: NFS step 1: Consider, e.g., 2 45 possible choices of Can choose = 1000, . 5 = 314, 4 = 159, 3 = 265, Quickly identify, e.g., 2 25 attractive candidates. 2 = 358, 1 = 979, 0 = 323. NFS succeeds in factoring Will choose one in step 2. by inspecting values ✁ 1 If and then ✄ 5 + � + 323 5 ) ( 1000 )(314 ✄ 5 + ✂ ( � + 0 5 ) )( 5 ✁ ). for various integer pairs ( 6 where ( ) ( ) = � + ✂ + ✂ ). ✁ 1 + )( 5 ✁ 5 But NFS succeeds more quickly ( 5 0 using = 1370, inspecting Attractive : small ( ). ✄ 5 + 130 ✄ 4 + ( 1370 )(65 (1999 Murphy) ✄ 3 2 + 377 ✄ 2 3 + 127 4 + 33 5 ). 38

  12. � ✁ � � ✂ ✄ ☎ � � ✂ ✂ ✁ ✁ ✁ ✂ � ✂ ✁ ✂ � � � ✂ ✂ � ✂ ✁ � � ✄ � ✁ ✄ � ✄ ☎ � � ✄ ✄ ☎ ✄ � ✄ � � 314159265358979323: NFS step 1: Consider, e.g., Choosing one typical 2 45 possible choices of ✁ 1) 1000, . produces ( 159, 3 = 265, Quickly identify, e.g., Question: How much 2 25 attractive candidates. 979, 0 = 323. need to save factor factoring Will choose one in step 2. with ( ) values ✁ 1 If and then This has as much impact ✄ 5 + � + 323 5 ) ✄ 5 + ✂ ( � + 0 5 ) )( 5 chopping 3 lg ✁ ). integer pairs ( 6 where ( ) ( ) = Searching for good � + ✂ + ✂ ). ✁ 1 + )( 5 ✁ 5 succeeds more quickly ( 5 0 takes noticeable fraction 1370, inspecting Attractive : small ( ). total time of optimized ✄ 5 + 130 ✄ 4 + (1999 Murphy) (If not, consider mo 3 + 127 4 + 33 5 ). End up with rather

Recommend

Circuits for integer factorization D. J. Bernstein University of Illinois at Chicago Exercise

Circuits for integer factorization D. J. Bernstein University of Illinois at Chicago Exercise

Circuits for integer factorization D. J. Bernstein University of Illinois at Chicago Exercise for the reader: Find a nontrivial factor of 6366223796340423057152171586. Exercise for the reader: Find a nontrivial factor of

586 views • 42 slides
Integer Factorization Methods Modular Arithmetic Trial division, Pollards p 1 , Division

Integer Factorization Methods Modular Arithmetic Trial division, Pollards p 1 , Division

Integer Factorization Methods Integer 2014-04-11 Integer Factorization Methods Factorization Trial division, Pollards p 1 , Pollards , and Fermats method Methods Christopher Koch 1 C. Koch 1 Department of Computer Science and

681 views • 33 slides
Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba

Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba

Random problems at the core of integer factorization algorithms Pierrick Gaudry Caramba LORIA, Nancy CNRS, Universit de Lorraine, Inria Journes ALEA, March 2016 1/31 Plan Introduction: crypto context Integer factorization 101 How

462 views • 33 slides
Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division

Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division

Integer Factorization Methods C. Koch Overview Integer Factorization Methods Modular Trial division, Pollards p 1 , Arithmetic Division Algorithm and Congruence Pollards , and Fermats method Residue classes mod n Integers

505 views • 33 slides
Accelerated Reader What is Accelerated Reader? Accelerated Reader is the number one software

Accelerated Reader What is Accelerated Reader? Accelerated Reader is the number one software

Camerado Springs Middle School A closer look at Accelerated Reader What is Accelerated Reader? Accelerated Reader is the number one software program (or tool) that helps manage reading practice, monitor daily progress, and plan instruction. The

484 views • 13 slides
260 Chapter 21 Exercise 21.3 Consider a parallel DBMS in which each relation is stored by

260 Chapter 21 Exercise 21.3 Consider a parallel DBMS in which each relation is stored by

260 Chapter 21 Exercise 21.3 Consider a parallel DBMS in which each relation is stored by horizontally partitioning its tuples across all disks. Employees( eid: integer , did: integer , sal: real ) Departments( did: integer , mgrid: integer ,

298 views • 10 slides
Challenges in quantum algorithms for integer factorization D. J. Bernstein University of

Challenges in quantum algorithms for integer factorization D. J. Bernstein University of

1 Challenges in quantum algorithms for integer factorization D. J. Bernstein University of Illinois at Chicago Prelude: What is the fastest algorithm to sort an array? def blindsort(x): while not issorted(x): permuterandomly(x) 2 def

713 views • 50 slides
Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois

Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois

Building circuits for integer factorization D. J. Bernstein Thanks to: University of Illinois at Chicago NSF DMS0140542 Alfred P. Sloan Foundation I want to work for NSA as an independent

706 views • 49 slides
and 611 + for small : Integer factorization Sieving 1 612 2 2 3 3 D. J. Bernstein

and 611 + for small : Integer factorization Sieving 1 612 2 2 3 3 D. J. Bernstein

and 611 + for small : Integer factorization Sieving 1 612 2 2 3 3 D. J. Bernstein 2 2 613 3 3 614 2 4 2 2 615 3 5 Thanks to: 5 5 616 2 2 2 7 6 2 3 617 University of Illinois at Chicago 7 7 618 2 3 8 2 2 2

411 views • 29 slides
Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la

Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la

Algorithms for integer factorization and discrete logarithms computation Algorithmes pour la factorisation dentiers et le calcul de logarithme discret Cyril Bouvier CARAMEL project-team, LORIA Universit de Lorraine / CNRS / Inria

470 views • 42 slides
Isolating critical cases for reciprocals using integer factorization John Harrison Intel

Isolating critical cases for reciprocals using integer factorization John Harrison Intel

Isolating critical cases for reciprocals using integer factorization John Harrison Intel Corporation ARITH-16 Santiago de Compostela 17th June 2003 0 Background result before the final rounding Suppose we are interested in a floating-point

343 views • 19 slides
Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS,

Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS,

Integer factorization and discrete logarithm problems Pierrick Gaudry Caramel LORIA CNRS, Universit de Lorraine, Inria JNCF CIRM November 2014 1/81 Plan Presentation of the problems Cryptographic background Primality,

919 views • 88 slides
Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield

Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield

Nonunique Factorization in the Ring of Integer-Valued Polynomials Paul Baginski Fairfield University March 22, 2019 Paul Baginski Fairfield University Nonunique Factorization in the Ring of Integer-Valued Polynomials 2016 Fairfield

334 views • 30 slides
LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

DM559 Linear and Integer Programming LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark [ Based on slides by Lieven Vandenberghe, UCLA ] Operation Count LU Factorization Outline

524 views • 38 slides
LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University

DM559 Linear and Integer Programming LU Factorization Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark [ Based on slides by Lieven Vandenberghe, UCLA ] Operation Count LU Factorization Outline

935 views • 34 slides
Integer factoring and compositeness witnesses Jacek Pomykaa & Maciej Radziejewski June 26,

Integer factoring and compositeness witnesses Jacek Pomykaa & Maciej Radziejewski June 26,

Integer factoring and compositeness witnesses Jacek Pomykaa & Maciej Radziejewski June 26, 2019 Integer factoring and compositeness witnesses 1 Objective: Factorization of a large integer n Oracles Techniques How many hard numbers are

514 views • 22 slides
READER Kim Jervis kimjervis@yahoo.co.uk RATIONALE 100% of pupils made expected progress from

READER Kim Jervis kimjervis@yahoo.co.uk RATIONALE 100% of pupils made expected progress from

ACCELERATED READER Kim Jervis kimjervis@yahoo.co.uk RATIONALE 100% of pupils made expected progress from KS1 to KS2 in Writing and Maths but only 97% of pupils made expected progress in reading High achievers in KS1 werent making

280 views • 11 slides
semaphores / reader/writer 1 Changelog Changes made in this version not seen in fjrst lecture:

semaphores / reader/writer 1 Changelog Changes made in this version not seen in fjrst lecture:

semaphores / reader/writer 1 Changelog Changes made in this version not seen in fjrst lecture: 1 October 2019: fjx mixup of result and value in semaphore exercise return 3 October 2019: correct reader-priority rwlock code to

1.17k views • 78 slides
Software Trigger Board Reader Progress Report Giovanna Lehmann Miotto, Alessandro Thea 1 R

Software Trigger Board Reader Progress Report Giovanna Lehmann Miotto, Alessandro Thea 1 R

Software Trigger Board Reader Progress Report Giovanna Lehmann Miotto, Alessandro Thea 1 R EMINDER : C URRENT T RIGGER D ISTRIBUTION S YSTEM Triggers (beam, no beam) generated by CTB Distributed by the Timing master CTB Inhibit

72 views • 5 slides
Challenges in def bubblesort(x): quantum algorithms for for j in range(len(x)): integer

Challenges in def bubblesort(x): quantum algorithms for for j in range(len(x)): integer

1 2 Challenges in def bubblesort(x): quantum algorithms for for j in range(len(x)): integer factorization for i in reversed(range(j)): x[i],x[i+1] = ( D. J. Bernstein min(x[i],x[i+1]), University of Illinois at Chicago max(x[i],x[i+1])

1.48k views • 118 slides
1 Reader/Writer Lock: Second Try Reader/Writer Lock: Second Try Guidelines for Condition

1 Reader/Writer Lock: Second Try Reader/Writer Lock: Second Try Guidelines for Condition

SharedLock SharedLock : Reader/Writer Lock : Reader/Writer Lock A reader/write lock or SharedLock is a new kind of lock that is similar to our old definition: supports Acquire and Release primitives Synchronization: Going Deeper

575 views • 10 slides
Mobile Reader A Picture Becomes a Thousand Words. Mobile Reader Introduction Mobile

Mobile Reader A Picture Becomes a Thousand Words. Mobile Reader Introduction Mobile

Mobile Reader A Picture Becomes a Thousand Words. Mobile Reader Introduction Mobile Reader History Mobile Reader Demonstration Questions Introduction Introduction: Sensotec Founded in 1986 as innovative company Roots in

425 views • 25 slides
safely progress with an exercise program from treatment to survivorship Julie Everett DPT, CLT

safely progress with an exercise program from treatment to survivorship Julie Everett DPT, CLT

Strength after Cancer: How to safely progress with an exercise program from treatment to survivorship Julie Everett DPT, CLT Laurie Fitz PT, CLT 1 Objectives Provide an overview of common physical side effects experienced by cancer

553 views • 38 slides
Comparing Problems Remember the concepts of Problem, Algorithm, and Program. Weve gotten

Comparing Problems Remember the concepts of Problem, Algorithm, and Program. Weve gotten

Comparing Problems Remember the concepts of Problem, Algorithm, and Program. Weve gotten pretty good at comparing algorithms. How do we compare problems? Sorted Array Search Sorting Integer Factorization Integer Multiplication Selection

449 views • 14 slides

More recommend