Root optimization of polynomials in the number field sieve

The general number field sieve (GNFS) is the most efficient algorithm known for factoring large integers. It consists of several stages, the first one being polynomial selection. The quality of the chosen polynomials in polynomial selection can be modelled in terms of size and root properties. In this paper, we describe some algorithms for selecting polynomials with very good root properties.Comment: 16 pages, 18 reference

Root optimization of polynomials in the number field sieve

International audienceThe general number field sieve (GNFS) is the most efficient algorithm known for factoring large integers. It consists of several stages, the first one being polynomial selection. The quality of the chosen polynomials in polynomial selection can be modelled in terms of size and root properties. In this paper, we describe some algorithms for selecting polynomials with very good root properties

A New Ranking Function for Polynomial Selection in the Number Field Sieve

International audienceThis article explains why the classical Murphy-E ranking function might fail to correctly rank polynomial pairs in the Number Field Sieve, and proposes a new ranking function

Factorization in Cybersecurity: a Dual Role of Defense and Vulnerability in the Age of Quantum Computing

One of the most critical components of modern cryptography and thus cybersecurity is the ability to factor large integers quickly and efficiently. RSA encryption, one of the most used types, is based largely on the assumption that factoring for large numbers is computationally infeasible for humans and computers alike. However, with quantum computers, people can use an algorithm like Shor’s algorithm to perform the same task exponentially faster than any normal device ever could. This investigation will go into the strength and vulnerability of RSA encryption using the power of factorization in an age of quantum computers.We start by looking at the foundations of both classical and quantum factoring with greater detail at number field sieve (NFS) and Shor’s. We examine the mathematical background of each topic and the associated algorithms. We conclude with theoretical analysis and experimental simulations that address the difficulty and implications of the above-mentioned algorithms in cryptography. The final thing that I will be discussing is where quantum computing is at present and how this could pose a threat to the current type of cryptographic systems, we use every day. I will be mentioning how we need post-quantum cryptography and how people are currently creating algorithms that are designed to be attack-resistant even to large-scale quantum computers. This investigation has shown the changing dynamics of cybersecurity in the quantum era and helps us understand the challenges and the need to innovate the current cryptographic systems

Collecting relations for the number field sieve in GF(p6)GF(p^6)

International audienceIn order to assess the security of cryptosystems based on the discrete logarithm problem in non-prime finite fields, as are the torus-based or pairing-based ones, we investigate thoroughly the case in GF(p^6) with the Number Field Sieve. We provide new insights, improvements, and comparisons between different methods to select polynomials intended for a sieve in dimension 3 using a special-q strategy. We also take into account the Galois action to increase the relation productivity of the sieving phase. To validate our results, we ran several experiments and real computations for various selection methods and field sizes with our publicly available implementation of the sieve in dimension 3, with special-q and various enumeration strategies

On the Alpha Value of Polynomials in the Tower Number Field Sieve Algorithm

International audienceIn this paper, we provide a notable step towards filling the gap between theory (estimates of running-time) and practice (a discrete logarithm record computation) for the Tower Number Field Sieve (TNFS) algorithm. We propose a generalisation of ranking formula for selecting the polynomials used in the very first step of TNFS algorithm. For this we provide a definition and an exact implementation (Magma and SageMath) of the alpha function. This function measures the bias in the smoothness probability of norms in number fields compared to random integers of the same size. We use it to estimate the yield of polynomials, that is the expected number of relations, as a generalisation of Murphy's E function, and finally the total amount of operations needed to compute a discrete logarithm with TNFS algorithm in the targeted fields. This is an improvement of the earlier work of Barbulescu and Duquesne on estimating the running-time of the algorithm. We apply our estimates to a wide size range of finite fields GF(pn), for small composite n = 12, 16, 18, 24, that are target fields of pairing-friendly curves