Eran Tromer of Weizmann Institute gave a talk at MIT on
special-purpose factoring machines,
and Intrepid Reporter Bob Hettinga summarized to Perry's List.


Date: Wed, 14 Sep 2005 21:12:30 -0400
To: cryptography@metzdowd.com
From: "R.A. Hettinga" <[EMAIL PROTECTED]>
Subject: Re: MIT talk: Special-Purpose Hardware for Integer Factoring

At 12:29 PM -0400 9/14/05, Steven M. Bellovin wrote:

>TODAY * TODAY * TODAY * WEDNESDAY, Sept. 14 2005

So, I saw this here at Farquhar Street at 14:55EST, jumped in the shower,
thus missing the 13:20 train at Rozzy Square :-), instead took the
bus, and then the T, and got to MIT's New Funny-Looking Building about
16:40 or so, and saw the last few slides, asking the first, and only,
question, because the grad-students shot out of there at relativistic
velocity, probably so they wouldn't miss their dinner, or something...

The upshot, to me, was that 1024-bit RSA keys are, for Nobody Special
Anywhere, probably as DED as DES, for certain keys but probably not all
without way too much money, but that things start to go sideways for this
box somewhere south of 2kbit keysize, and so this is not TEOTWAWKI,
key-wise.

"Unless someone comes up with an algorithmic improvement." Of course. :-).

Cheers,
RAH
Who went, obviously, to poke him about Micromint and hash-collisions, for
fun, and who *did* have fun, as a result, in a dead-horse-beating kind of
way...


--
-----------------
R. A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------

------- Forwarded Message

Forwarded by Steve Bellovin -

Open to the Public
DATE:    TODAY * TODAY * TODAY * WEDNESDAY, Sept. 14 2005
TIME:    4:00 p.m. - 5:30 p.m.
PLACE:   32-G575, Stata Center, 32 Vassar Street
TITLE:   Special-Purpose Hardware for Integer Factoring
SPEAKER: Eran Tromer, Weizmann Institute

Factoring of large integers is of considerable interest in
cryptography and algorithmic number theory. In the quest for
factorization of larger integers, the present bottleneck lies in the
sieving and matrix steps of the Number Field Sieve algorithm. In a
series of works, several special-purpose hardware architectures for
these steps were proposed and evaluated.

The use of custom hardware, as opposed to the traditional RAM model,
offers major benefits (beyond plain reduction of overheads): the
possibility of vast fine-grained parallelism, and the chance to
identify and exploit technological tradeoffs at the algorithmic level.

Taken together, these works have reduced the cost of factoring by many
orders of magnitude, making it feasible, for example, to factor
1024-bit integers within one year at the cost of about US$1M (as
opposed to the trillions of US$ forecasted previously). This talk will
survey these results, emphasizing the underlying general ideas.

Joint works with Adi Shamir, Arjen Lenstra, Willi Geiselmann, Rainer
Steinwandt, Hubert Köpfer, Jim Tomlinson, Wil Kortsmit, Bruce Dodson,
James Hughes and Paul Leyland.


------- End of Forwarded Message
