Number Theory and Cryptography: Parallel algorithms for integer factorisation

The problem of finding the prime factors of large composite numbers has always been of mathematical interest. With the advent of public key cryptosystems it is also of practical importance, because the security of some of these cryptosystems, such as the Rivest-Shamir-Adleman (RSA) system, depends on the difficulty of factoring the public keys. In recent years the best known integer factorisation algorithms have improved greatly, to the point where it is now easy to factor a 60-decimal digit number, and possible to factor numbers larger than 120 decimal digits, given the availability of enough computing power. We describe several algorithms, including the elliptic curve method (ECM), and the multiple-polynomial quadratic sieve (MPQS) algorithm, and discuss their parallel implementation. It turns out that some of the algorithms are very well suited to parallel implementation. Doubling the degree of parallelism (i.e. the amount of hardware devoted to the problem) roughly increases the size of a number which can be factored in a fixed time by 3 decimal digits. Some recent computational results are mentioned – for example, the complete factorisation of the 617-decimal digit Fermat number $F_{11} = 2^{2^{11}} + 1$, which was accomplished using ECM.
