A simpler sieving device: combining ECM and TWIRL

Authors:
Willi Geiselmann;Fabian Januszewski;Hubert Köpfer;Jan Pelzl;Rainer Steinwandt
Affiliations:
Institut für Algorithmen und Kognitive Systeme, Fakultät für Informatik, Universität Karlsruhe (TH), Karlsruhe, Germany;Mathematisches Institut II, Fakultät für Mathematik, Universität Karlsruhe (TH), Karlsruhe, Germany;Institut für Algorithmen und Kognitive Systeme, Fakultät für Informatik, Universität Karlsruhe (TH), Karlsruhe, Germany;Horst Görtz Institute for IT-Security, Ruhr University of Bochum, Bochum, Germany;Department of Mathematical Sciences, Florida Atlantic University, Boca Raton, FL
Venue:
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Year:
2006

Citing 8
Cited 4

Handbook of Applied Cryptography

Handbook of Applied Cryptography
Analysis of Bernstein's Factorization Circuit

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Dedicated Sieving Hardware

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
A Scalable Architecture for Modular Multiplication Based on Montgomery's Algorithm

IEEE Transactions on Computers
Improved Routing-Based Linear Algebra for the Number Field Sieve

ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
SHARK: a realizable special hardware sieving device for factoring 1024-bit integers

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Scalable hardware for sparse systems of linear equations, with applications to integer factorization

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Analysis on the clockwise transposition routing for dedicated factoring devices

WISA'05 Proceedings of the 6th international conference on Information Security Applications

Special-Purpose Hardware in Cryptanalysis: The Case of 1,024-Bit RSA

IEEE Security and Privacy
Non-wafer-Scale Sieving Hardware for the NFS: Another Attempt to Cope with 1024-Bit

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
CAIRN 2: An FPGA Implementation of the Sieving Step in the Number Field Sieve Method

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Cryptanalysis of the Full AES Using GPU-Like Special-Purpose Hardware

Fundamenta Informaticae - Cryptology in Progress: 10th Central European Conference on Cryptology, Będlewo Poland, 2010

Quantified Score

Hi-index	0.00

Visualization

Abstract

A main obstacle in manufacturing the TWIRL device for realizing the sieving step of the Number Field Sieve is the sophisticated chip layout. Especially the logic for logging and recovering large prime factors found during sieving adds significantly to the layout complexity. We describe a device building on the Elliptic Curve Method (ECM) that for parameters of interest enables the replacement of the complete logging part in TWIRL by an off-wafer postprocessing. The postprocessing is done in real time, leaving the total sieving time basically unchanged. The proposed device is an optimized ECM implementation building on curves chosen to cope with factor sizes as expected in the output of TWIRL. According to our preliminary analysis, for the relation collection step expected for a 1024-bit factorization our design is realizable with current fab technology at very moderate cost. The proposed ECM engine also finds the vast majority of the needed cofactor factorizations. In summary, we think the proposed device to enable a significant decrease of TWIRL's layout complexity and therewith its cost.