MIT talk: Special-Purpose Hardware for Integer Factoring

2005-09-15 Thread David Wagner
Victor Duchovni  wrote:
>> Joint works with [...]
>
>Is it politically correct to not cite DJB in this context [...]

The phrase "joint work with XXX" means that this was a collaboration
between XXX and the speaker.  If DJB wasn't part of the collaboration,
then of course he wouldn't be on that list.

This is different from a "related work" section, where one would cite
prior research.  But "joint work with" is not a citation; it's like
the list of authors on a paper.

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]


Re: MIT talk: Special-Purpose Hardware for Integer Factoring

2005-09-15 Thread R.A. Hettinga
At 12:29 PM -0400 9/14/05, Steven M. Bellovin wrote:

>TODAY * TODAY * TODAY * WEDNESDAY, Sept. 14 2005

So, I saw this here at Farquhar Street at 14:55EST, jumped in the shower,
thus missing the 13:20 train at Rozzy Square :-), instead took the
bus, and then the T, and got to MIT's New Funny-Looking Building about
16:40 or so, and saw the last few slides, asking the first, and only,
question, because the grad-students shot out of there at relativistic
velocity, probably so they wouldn't miss their dinner, or something...

The upshot, to me, was that 1024-bit RSA keys are, for Nobody Special
Anywhere, probably as DED as DES, for certain keys but probably not all
without way too much money, but that things start to go sideways for this
box somewhere south of 2kbit keysize, and so this is not TEOTWAWKI,
key-wise.

"Unless someone comes up with an algorithmic improvement." Of course. :-).

Cheers,
RAH
Who went, obviously, to poke him about Micromint and hash-collisions, for
fun, and who *did* have fun, as a result, in a dead-horse-beating kind of
way...


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



Re: MIT talk: Special-Purpose Hardware for Integer Factoring

2005-09-15 Thread Victor Duchovni
On Wed, Sep 14, 2005 at 12:29:39PM -0400, Steven M. Bellovin wrote:

> Taken together, these works have reduced the cost of factoring by many
> orders of magnitude, making it feasible, for example, to factor
> 1024-bit integers within one year at the cost of about US$1M (as
> opposed to the trillions of US$ forecasted previously). This talk will
> survey these results, emphasizing the underlying general ideas.
>   
>   
> Joint works with Adi Shamir, Arjen Lenstra, Willi Geiselmann, Rainer
> Steinwandt, Hubert Köpfer, Jim Tomlinson, Wil Kortsmit, Bruce Dodson,
> James Hughes and Paul Leyland.
> 

Is it politically correct to not cite DJB in this context (perhaps
it is since the talk invitation is not the paper, but the omission
really caught my attention).

-- 

 /"\ ASCII RIBBON                   NOTICE: If received in error,
 \ / CAMPAIGN      Victor Duchovni  please destroy and notify
  X  AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL     Morgan Stanley   confidentiality or privilege,
                                    and use is prohibited.



MIT talk: Special-Purpose Hardware for Integer Factoring

2005-09-14 Thread Steven M. Bellovin

--- Forwarded Message


Open to the Public

DATE:    TODAY * TODAY * TODAY * WEDNESDAY, Sept. 14 2005
TIME:    4:00 p.m. - 5:30 p.m.
PLACE:   32-G575, Stata Center, 32 Vassar Street
TITLE:   Special-Purpose Hardware for Integer Factoring
SPEAKER: Eran Tromer, Weizmann Institute

Factoring of large integers is of considerable interest in
cryptography and algorithmic number theory. In the quest for
factorization of larger integers, the present bottleneck lies in the
sieving and matrix steps of the Number Field Sieve algorithm. In a
series of works, several special-purpose hardware architectures for
these steps were proposed and evaluated.

The use of custom hardware, as opposed to the traditional RAM model,
offers major benefits (beyond plain reduction of overheads): the
possibility of vast fine-grained parallelism, and the chance to
identify and exploit technological tradeoffs at the algorithmic level.

Taken together, these works have reduced the cost of factoring by many
orders of magnitude, making it feasible, for example, to factor
1024-bit integers within one year at the cost of about US$1M (as
opposed to the trillions of US$ forecasted previously). This talk will
survey these results, emphasizing the underlying general ideas.

Joint works with Adi Shamir, Arjen Lenstra, Willi Geiselmann, Rainer
Steinwandt, Hubert Köpfer, Jim Tomlinson, Wil Kortsmit, Bruce Dodson,
James Hughes and Paul Leyland.


--- End of Forwarded Message



--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


