Using a grid platform for solving large sparse linear systems over GF(2)

In Fall 2009, the final step of the factorization of rsa768 was carried out on several clusters of the Grid'5000 platform, leading to a new record in integer factorization. This step involves solving a huge sparse linear system defined over the binary field GF(2). This article aims at describing the algorithm used, the difficulties encountered, and the methodology which led to success. In particular, we illustrate how our use of the block Wiedemann algorithm led to a method which is suitable for use on a grid platform, with both adaptability to various clusters, and error detection and recovery procedures. While this was not obvious at first, it eventually turned out that the contribution of the Grid'5000 clusters to this computation was major.

[1]  J. Brillhart,et al.  A method of factoring and the factorization of , 1975 .

[2]  Leonard M. Adleman,et al.  A subexponential algorithm for the discrete logarithm problem with applications to cryptography , 1979, 20th Annual Symposium on Foundations of Computer Science (sfcs 1979).

[3]  Don Coppersmith,et al.  Fast evaluation of logarithms in fields of characteristic two , 1984, IEEE Trans. Inf. Theory.

[4]  Carl Pomerance,et al.  The Quadratic Sieve Factoring Algorithm , 1985, EUROCRYPT.

[5]  Carl Pomerance The Quadratic Sieve Algorithm , 1985 .

[6]  Douglas H. Wiedemann Solving sparse linear equations over finite fields , 1986, IEEE Trans. Inf. Theory.

[7]  Andrew M. Odlyzko,et al.  Solving Large Sparse Linear Systems over Finite Fields , 1990, CRYPTO.

[8]  Carl Pomerance,et al.  The Development of the Number Field Sieve , 1994 .

[9]  D. Coppersmith Solving homogeneous linear equations over GF (2) via block Wiedemann algorithm , 1994 .

[10]  Peter L. Montgomery,et al.  A Block Lanczos Algorithm for Finding Dependencies Over GF(2) , 1995, EUROCRYPT.

[11]  Erich Kaltofen,et al.  Distributed Matrix-Free Solution of Large Sparse Linear Systems over Finite Fields , 1999, Algorithmica.

[12]  Emmanuel Thomé,et al.  Computation of Discrete Logarithms in F2607 , 2001, ASIACRYPT.

[13]  Emmanuel Thomé,et al.  Subquadratic Computation of Vector Generating Polynomials and Improvement of the Block Wiedemann Algorithm , 2002, J. Symb. Comput..

[14]  Arjen K. Lenstra,et al.  A Kilobit Special Number Field Sieve Factorization , 2007, ASIACRYPT.

[15]  James Demmel,et al.  Minimizing communication in sparse matrix solvers , 2009, Proceedings of the Conference on High Performance Computing Networking, Storage and Analysis.

[16]  Arjen K. Lenstra,et al.  Factorization of a 768-Bit RSA Modulus , 2010, CRYPTO.