The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지
DOI QR코드

DOI QR Code

Two Cubic Polynomials Selection for the Number Field Sieve

Number Field Sieve에서의 두 삼차 다항식 선택

  • Received : 2011.06.09
  • Accepted : 2011.10.10
  • Published : 2011.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

RSA, the most commonly used public-key cryptosystem, is based on the difficulty of factoring very large integers. The fastest known factoring algorithm is the Number Field Sieve(NFS). NFS first chooses two polynomials having common root modulo N and consists of the following four major steps; 1. Polynomial Selection 2. Sieving 3. Matrix 4. Square Root, of which the most time consuming step is the Sieving step. However, in recent years, the importance of the Polynomial Selection step has been studied widely, because one can save a lot of time and memory in sieving and matrix step if one chooses optimal polynomial for NFS. One of the ideal ways of choosing sieving polynomial is to choose two polynomials with same degree. Montgomery proposed the method of selecting two (nonlinear) quadratic sieving polynomials. We proposed two cubic polynomials using 5-term geometric progression.

현재 가장 많이 쓰이는 공개키 암호시스템 중 하나인 RSA는 매우 큰 합성수 N의 인수분해가 어렵다는 것에 기반을 두고 있다. 120자리보다 큰 합성수를 인수분해하는데 가장 효율적인 알고리즘으로 알려진 Number Field Sieve (NFS)는 법 N에 대하여 공통근을 갖는 두 다항식 선택한 후에, sieving, linear algebra, square root 단계를 차례대로 거친다. 최근의 많은 연구 결과에 따르면 다항식을 얼마나 적합하게 선택하느냐에 따라 sieving step에서의 복잡도가 크게 달라질 수 있다는 것이 알려져 있다. Sieving 다항식은 차수가 같은 두 다항식을 선택하는 것이 이상적이며 두 개의 2차 다항식을 선택하는 방법은 이미 Montgomery가 제시하였다. 이 논문에서는 5항 등 비수열 방법을 이용하여 두 개의 3차 다항식 선택방법을 제시하고자 한다.

Keywords

Acknowledgement

Supported by : 한국연구재단

References

  1. J.P. Buhler, H.W. Lenstra, C. Pomerance, Factoring Integers with the Number Field Sieve. Reprinted in The Development of the Number Field Sieve, Lecture Notes in Mathematics 1554. A.K. Lenstra, HW. Lenstra, Jr., Eds. (1993)
  2. T. Kleinjung, "On polynomial selection for the general number field sieve". Mathematics of Computation 75 (2006), 2037-2047 https://doi.org/10.1090/S0025-5718-06-01870-9
  3. A. K. Lenstra, H. W. Lenstra, Jr, and L. Lov´asz, "Factoring polynomials with rational coefficients", Mathematische Ann., 261, 513-534, 1982
  4. T. Kleinjung, K. Aoki, J. Franke, A. Lenstra, E. Thome, J. Bos, P. Gaudry, A. Kruppa, P. Montgomery, D. Osvik, H. te Riele, A. Timofeev, P. Zimmermann, "Factorization of a 768-bit RSA modulus", Proceeding of Crypto 2010, LNCS 6223, pp.333-350, 2010
  5. P. Montgomery, "Small geometric progressions modulo n". Unpublished note of 2 pages. December 1993, revised 1995 and 2005
  6. P. Montgomery, Searching for Higher-Degree Polynomials for the General Number Field Sieve. PowerPoint Presentation. October, 2006
  7. B. Murphy, "Polynomial Selection for the Number Field Sieve Integer Factorization Algorithm", Ph.D thesis, Australian National Universit, July 1999
  8. T. Prest, P. Zimmermann, "Non-linear polynomial selection for the number field sieve", available at http://hal.archives-ouvertes.fr/docs/00/54/04/83/PDF/polyselect.pdf