Use of SIMD-based data parallelism to speed up sieving in integer-factoring algorithms

Many cryptographic protocols derive their security from the apparent computational intractability of the integer factorization problem. Currently, the best known integer-factoring algorithms run in subexponential time. Efficient parallel implementations of these algorithms constitute an important area of practical research. Most reported implementations use multi-core and/or distributed parallelization. In this paper, we use SIMD-based parallelization to speed up the sieving stage of integer-factoring algorithms. We experiment on the two fastest variants of factoring algorithms: the number-field sieve method and the multiple-polynomial quadratic sieve method. Using Intel's SSE2 and AVX intrinsics, we have been able to speed up index calculations in each core during sieving. This performance enhancement is attributed to a reduction in the packing and unpacking overheads associated with SIMD registers. We handle both line sieving and lattice sieving. We also propose improvements to make our implementations cache-friendly. We obtain speedup figures in the range 5-40%. To the best of our knowledge, no public discussions on SIMD parallelization in the context of integer-factoring algorithms are available in the literature.
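The index calculation the abstract refers to, as an added illustration that is not the paper's own code: for each factor-base prime the line sieve must find the first position in the interval that the prime divides, and that reduction is what gets done four primes at a time. The example uses GCC/Clang vector extensions (an assumption; the paper uses SSE2/AVX intrinsics) and a constructed quadratic-sieve factor base for N = 8051 = 83 * 97.

```c
/* Added example (not the paper's code): quadratic-sieve line sieving with the
   per-prime start indices computed four lanes at a time. Assumes a compiler
   that supports __attribute__((vector_size)); the paper uses SSE2/AVX intrinsics. */
#include <stdint.h>
#include <string.h>

typedef int32_t v4i __attribute__((vector_size(16)));

enum { LANES = 12, L = 16 };   /* 12 (p, r) lanes, sieve interval of length 16 */

/* Constructed factor base for N = 8051: primes p with r*r == N (mod p), one lane
   per root. The last lane is padding (p = 1, log 0) so LANES is a multiple of 4. */
static const int32_t P[LANES]    = { 2, 5, 5, 7, 7, 13, 13, 23, 23, 43, 43, 1 };
static const int32_t R[LANES]    = { 1, 1, 4, 1, 6,  2, 11,  1, 22, 15, 28, 0 };
static const uint8_t LOGP[LANES] = { 1, 2, 2, 3, 3,  4,  4,  5,  5,  5,  5, 0 };

/* Q(x) = (x + s)^2 - N with s = ceil(sqrt(N)); p | Q(x) iff x == r - s (mod p).
   For an interval starting at x0 the first hit is (r - s - x0) mod p. Four
   primes are reduced per vector operation; the memcpy calls are the packing
   and unpacking steps whose overhead the paper works to reduce. */
static void sieve_starts(int32_t s, int32_t x0, int32_t start[LANES])
{
    for (int i = 0; i < LANES; i += 4) {
        v4i p, r;
        memcpy(&p, &P[i], sizeof p);      /* pack scalar arrays into a vector */
        memcpy(&r, &R[i], sizeof r);
        v4i t = (r - s - x0) % p;         /* C remainder may be negative ...   */
        t += (t < 0) & p;                 /* ... so add p in exactly those lanes */
        memcpy(&start[i], &t, sizeof t);  /* unpack vector into scalar indices */
    }
}

/* Sieve [x0, x0 + L): accumulate approximate log2 of the factor-base-smooth
   part of Q(x), write the x values scoring at least `threshold` to out[],
   and return their count. Prime powers are not sieved (a usual simplification). */
int sieve_candidates(int32_t s, int32_t x0, int threshold, int32_t out[L])
{
    uint8_t acc[L] = { 0 };
    int32_t start[LANES];
    sieve_starts(s, x0, start);
    for (int i = 0; i < LANES; i++)
        for (int32_t x = start[i]; x < L; x += P[i])
            acc[x] += LOGP[i];
    int n = 0;
    for (int32_t x = 0; x < L; x++)
        if (acc[x] >= threshold) out[n++] = x0 + x;
    return n;
}
```

With s = 90, x0 = 0 and threshold 8 the candidates are x = 1, 3, 11 (Q(x) = 230, 598, 2150, all smooth over this factor base); Q(0) = 49 and Q(9) = 1750 are smooth too but fall below the threshold because prime powers are not sieved.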
