factoring integers and producing primes
play

Factoring integers and Producing primes Francesco Pappalardi - PowerPoint PPT Presentation

Mar 23, 2023 •440 likes •749 views

Erbil, Kurdistan 0 Factoring integers,..., RSA Lecture in Number Theory College of Sciences Department of Mathematics University of Salahaddin Debember 4, 2014 Factoring integers and Producing primes Francesco Pappalardi Universit` a Roma

  1. Erbil, Kurdistan 0 Factoring integers,..., RSA Lecture in Number Theory College of Sciences Department of Mathematics University of Salahaddin Debember 4, 2014 Factoring integers and Producing primes Francesco Pappalardi Universit` a Roma Tre

  2. Erbil, Kurdistan 1 Factoring integers,..., RSA How large are large numbers? 10 15 ☞ number of cells in a human body: 10 80 ☞ number of atoms in the universe: 10 120 ☞ number of subatomic particles in the universe: 10 27 ☞ number of atoms in a Human Brain: 10 26 ☞ number of atoms in a cat: Universit` a Roma Tre

  3. Erbil, Kurdistan 2 Factoring integers,..., RSA RSA 2048 = 25195908475657893494027183240048398571429282126204 032027777137836043662020707595556264018525880784406918290641249 515082189298559149176184502808489120072844992687392807287776735 971418347270261896375014971824691165077613379859095700097330459 748808428401797429100642458691817195118746121515172654632282216 869987549182422433637259085141865462043576798423387184774447920 739934236584823824281198163815010674810451660377306056201619676 256133844143603833904414952634432190114657544454178424020924616 515723350778707749817125772467962926386356373289912154831438167 899885040445364023527381951378636564391212010397122822120720357 RSA 2048 is a 617 (decimal) digit number http://www.rsa.com/rsalabs/challenges/factoring/numbers.html/ Universit` a Roma Tre

  4. Erbil, Kurdistan 3 Factoring integers,..., RSA p, q ≈ 10 308 RSA 2048 = p · q , PROBLEM: Compute p and q Price offered on MArch 18, 1991: 200.000 US$ ( ∼ 232 . 700 . 000 Iraq Dinars)!! Theorem. If a ∈ N ∃ ! p 1 < p 2 < · · · < p k primes s.t. a = p α 1 1 · · · p α k k Regrettably: RSAlabs believes that factoring in one year requires: number computers memory 1 . 6 × 10 15 RSA 1620 120 Tb RSA 1024 342 , 000 , 000 170 Gb RSA 760 215,000 4Gb. Universit` a Roma Tre

  5. Erbil, Kurdistan 4 Factoring integers,..., RSA http://www.rsa.com/rsalabs/challenges/factoring/numbers.html Challenge Number Prize ($US) RSA 576 $10,000 RSA 640 $20,000 RSA 704 $30,000 RSA 768 $50,000 RSA 896 $75,000 RSA 1024 $100,000 RSA 1536 $150,000 RSA 2048 $200,000 Universit` a Roma Tre

  6. Erbil, Kurdistan 4 Factoring integers,..., RSA http://www.rsa.com/rsalabs/challenges/factoring/numbers.html Numero Premio ($US) Status RSA 576 $10,000 Factored December 2003 RSA 640 $20,000 Factored November 2005 RSA 704 $30,000 Factored July, 2 2012 RSA 768 $50,000 Factored December, 12 2009 RSA 896 $75,000 Not factored RSA 1024 $100,000 Not factored RSA 1536 $150,000 Not factored RSA 2048 $200,000 Not factored The RSA challenges ended in 2007. RSA Laboratories stated: “ Now that the industry has a considerably more advanced understanding of the cryptanalytic strength of common symmetric-key and public-key algorithms, these challenges are no longer active. ” Universit` a Roma Tre

  7. Erbil, Kurdistan 5 Factoring integers,..., RSA Famous citation!!! A phenomenon whose probability is 10 − 50 never happens, and it will never be observed. - ´ Emil Borel (Les probabilit´ es et sa vie) Universit` a Roma Tre

  8. Erbil, Kurdistan 6 Factoring integers,..., RSA History of the “Art of Factoring” ➳ 220 BC Greeks (Eratosthenes of Cyrene ) ➳ 1730 Euler 2 2 5 + 1 = 641 · 6700417 ➳ 1750–1800 Fermat, Gauss (Sieves - Tables) ➳ 1880 Landry & Le Lasseur: 2 2 6 + 1 = 274177 × 67280421310721 ➳ 1919 Pierre and Eug` ene Carissan (Factoring Machine) ➳ 1970 Morrison & Brillhart 2 2 7 + 1 = 59649589127497217 × 5704689200685129054721 ➳ 1982 Quadratic Sieve QS (Pomerance) � Number Fields Sieve NFS ➳ 1987 Elliptic curves factoring ECF (Lenstra) Universit` a Roma Tre

  9. Erbil, Kurdistan 7 Factoring integers,..., RSA History of the “Art of Factoring” 220 BC Greeks (Eratosthenes of Cyrene) Universit` a Roma Tre

  10. Erbil, Kurdistan 8 Factoring integers,..., RSA History of the “Art of Factoring” 1730 Euler 2 2 5 + 1 = 641 · 6700417 Universit` a Roma Tre

  11. Erbil, Kurdistan 9 Factoring integers,..., RSA How did Euler factor 2 2 5 + 1 ? Proposition Suppose p is a prime factor of b n + 1 . Then 1. p is a divisor of b d + 1 for some proper divisor d of n such that n/d is odd or 2. p − 1 is divisible by 2 n . Application: Let b = 2 and n = 2 5 = 64. Then 2 2 5 + 1 is prime or it is divisible by a prime p such that p − 1 is divisible by 128. Note that 1 + 1 × 128 = 3 × 43, 1 + 2 × 128 = 257 is prime, 1 + 3 × 128 = 5 × 7 × 11, 1 + 4 × 128 = 3 3 × 19 and 1 + 5 · 128 = 641 is prime. Finally 2 2 5 + 1 = 4294967297 = 6700417 641 641 Universit` a Roma Tre

  12. Erbil, Kurdistan 10 Factoring integers,..., RSA History of the “Art of Factoring” 1730 Euler 2 2 5 + 1 = 641 · 6700417 Universit` a Roma Tre

  13. Erbil, Kurdistan 11 Factoring integers,..., RSA History of the “Art of Factoring” 1750–1800 Fermat, Gauss (Sieves - Tables) Universit` a Roma Tre

  14. Erbil, Kurdistan 12 Factoring integers,..., RSA History of the “Art of Factoring” 1750–1800 Fermat, Gauss (Sieves - Tables) Factoring with sieves N = x 2 − y 2 = ( x − y )( x + y ) Universit` a Roma Tre

  15. Erbil, Kurdistan 13 Factoring integers,..., RSA Carissan’s ancient Factoring Machine Figure 1: Conservatoire Nationale des Arts et M´ etiers in Paris http://www.math.uwaterloo.ca/ shallit/Papers/carissan.html Universit` a Roma Tre

  16. Erbil, Kurdistan 14 Factoring integers,..., RSA Figure 2: Lieutenant Eug` ene Carissan 225058681 = 229 × 982789 2 minutes 3450315521 = 1409 × 2418769 3 minutes 3570537526921 = 841249 × 4244329 18 minutes Universit` a Roma Tre

  17. Erbil, Kurdistan 15 Factoring integers,..., RSA State of the “Art of Factoring” 1970 - John Brillhart & Michael A. Morrison 2 2 7 + 1 = 59649589127497217 × 5704689200685129054721 Universit` a Roma Tre

  18. Erbil, Kurdistan 16 Factoring integers,..., RSA State of the “Art of Factoring” F n = 2 (2 n ) + 1 is called the n –th Fermat number Up to today only from F 0 to F 11 are factores. It is not known the factorization of F 12 = 2 2 12 + 1 Universit` a Roma Tre

  19. Erbil, Kurdistan 17 Factoring integers,..., RSA State of the “Art of Factoring” 1982 - Carl Pomerance - Quadratic Sieve Universit` a Roma Tre

  20. Erbil, Kurdistan 18 Factoring integers,..., RSA State of the “Art of Factoring” 1987 - Hendrik Lenstra - Elliptic curves factoring Universit` a Roma Tre

  21. Erbil, Kurdistan 19 Factoring integers,..., RSA Contemporary Factoring ❶ 1994, Quadratic Sieve (QS): (8 months, 600 volunteers, 20 nations) D.Atkins, M. Graff, A. Lenstra, P. Leyland RSA 129 = 114381625757888867669235779976146612010218296721242362562561842935706 935245733897830597123563958705058989075147599290026879543541 = = 3490529510847650949147849619903898133417764638493387843990820577 × 32769132993266709549961988190834461413177642967992942539798288533 ❷ (February 2 1999), Number Field Sieve (NFS): (160 Sun, 4 months) RSA 155 = 109417386415705274218097073220403576120037329454492059909138421314763499842 88934784717997257891267332497625752899781833797076537244027146743531593354333897 = = 102639592829741105772054196573991675900716567808038066803341933521790711307779 × 106603488380168454820927220360012878679207958575989291522270608237193062808643 ❸ (December 3, 2003) (NFS): J. Franke et al. (174 decimal digits) RSA 576 = 1881988129206079638386972394616504398071635633794173827007633564229888597152346 65485319060606504743045317388011303396716199692321205734031879550656996221305168759307650257059 = = 398075086424064937397125500550386491199064362342526708406385189575946388957261768583317 × 472772146107435302536223071973048224632914695302097116459852171130520711256363590397527 ❹ Elliptic curves factoring: introduced by H. Lenstra. suitable to detect small factors (50 digits) all have ”sub–exponential complexity” Universit` a Roma Tre

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Factoring integers, Producing primes and the RSA cryptosystem Francesco Pappalardi Universit` a

Factoring integers, Producing primes and the RSA cryptosystem Francesco Pappalardi Universit` a

College of Science for Women 0 Factoring integers,..., RSA Lecture in Number Theory College of Science for Women Baghdad University March 31, 2014 Factoring integers, Producing primes and the RSA cryptosystem Francesco Pappalardi

2.06k views • 192 slides
Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute

Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute

HRI, Allahabad, February, 2005 0 RSA cryptosystem Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute Allahabad (UP), INDIA February, 2005 Universit` a Roma Tre HRI, Allahabad, February, 2005 1

1.92k views • 170 slides
Factoring into large primes with P-1, P+1 and ECM Alexander Kruppa LORIA CADO workshop Nancy,

Factoring into large primes with P-1, P+1 and ECM Alexander Kruppa LORIA CADO workshop Nancy,

Factoring into large primes with P-1, P+1 and ECM Alexander Kruppa LORIA CADO workshop Nancy, 9. October 2008 Using P-1, P+1 and ECM in NFS For large factoring projects, memory becomes a limiting resource. Large factor base bound B requires

385 views • 21 slides
Quantum algorithms for computing short discrete logarithms and factoring RSA integers PQCrypto

Quantum algorithms for computing short discrete logarithms and factoring RSA integers PQCrypto

Quantum algorithms for computing short discrete logarithms and factoring RSA integers PQCrypto 2017, 8th International Workshop, Utrecht, June 26-28, 2017 Martin Eker 1 , 2 Johan Hstad 1 1 KTH Royal Institute of Technology, SE-100 44

728 views • 31 slides
Factoring Integers by CVP Algorithms for the Prime Number Lattice Claus P . Schnorr Department

Factoring Integers by CVP Algorithms for the Prime Number Lattice Claus P . Schnorr Department

Factoring Integers by CVP Algorithms for the Prime Number Lattice Claus P . Schnorr Department of Computer Science and Mathematics Goethe-University Frankfurt Main Quantum Cryptanalysis, Schloss Dagstuhl 1.-6. Oct. 2017 The prime number

379 views • 14 slides
Number Theory Divisibility and Primes Definition. If a and b are integers and there is some

Number Theory Divisibility and Primes Definition. If a and b are integers and there is some

Number Theory Divisibility and Primes Definition. If a and b are integers and there is some integer c such that a = b c , then we say that b divides a or is a factor or divisor of a and write b | a . Definition (Prime Number). A prime number is

381 views • 24 slides
Factoring and RSA Nadia Heninger University of Pennsylvania September 18, 2017 *Some slides

Factoring and RSA Nadia Heninger University of Pennsylvania September 18, 2017 *Some slides

Factoring and RSA Nadia Heninger University of Pennsylvania September 18, 2017 *Some slides joint with Dan Bernstein and Tanja Lange Textbook RSA [Rivest Shamir Adleman 1977] Public Key Private Key N = pq modulus p , q primes e encryption

1.39k views • 95 slides
Shors Algorithm for Factoring: Background Quantum Algorithms In 1994, Peter Shor came up with O

Shors Algorithm for Factoring: Background Quantum Algorithms In 1994, Peter Shor came up with O

Shors Algorithm for Factoring: Background Quantum Algorithms In 1994, Peter Shor came up with O ( n 3 ) -time algorithm DPV Chapter 10 for factoring n -bit integers on a quantum algorithm. Why is this a big deal? O ( e n 1/3 ( log n )

712 views • 5 slides
Factors 2 12 Factors Factors 3 13 and Unique Unique 14 4 to 10 to 15 Greatest Common

Factors 2 12 Factors Factors 3 13 and Unique Unique 14 4 to 10 to 15 Greatest Common

Slide 1 / 128 Slide 2 / 128 Table of Contents Factors and GCF Factoring out GCF's Polynomials Factoring Trinomials x 2 + bx + c Factoring Using Special Patterns Factoring Trinomials ax 2 + bx + c Factoring 4 Term Polynomials

472 views • 22 slides
8. Factoring polynomials over finite fields CS-E4500 Advanced Course on Algorithms Spring 2018

8. Factoring polynomials over finite fields CS-E4500 Advanced Course on Algorithms Spring 2018

8. Factoring polynomials over finite fields CS-E4500 Advanced Course on Algorithms Spring 2018 Peteri Kaski Department of Computer Science Aalto University Lecture schedule Tue 16 Jan: 1. Polynomials and integers Tue 23 Jan: 2. The fast

661 views • 41 slides
RSA Parameter Generation Bob needs to: - find 2 large primes p,q - find e s.t. gcd(e, (pq))=1

RSA Parameter Generation Bob needs to: - find 2 large primes p,q - find e s.t. gcd(e, (pq))=1

RSA Parameter Generation Bob needs to: - find 2 large primes p,q - find e s.t. gcd(e, (pq))=1 Good news: - primes are fairly common: there are about N/ln N primes N Exercise: If looking for a 512-bit prime, how many randomly generated

358 views • 10 slides
CS 4803 If a, N are integers with N &gt; 0 then there are unique integers r , q such that a = Nq

CS 4803 If a, N are integers with N &gt; 0 then there are unique integers r , q such that a = Nq

Let Z = {. . . , 2, 1, 0, 1, 2, . . .} denote the set of integers. Let Z+ = {1, 2, . . .} denote the set of positive integers and N = {0, 1, 2, . . .} the set of non-negative integers. CS 4803 If a, N are integers with N &gt; 0 then there

166 views • 4 slides
FACTORING WITH JUDGMENTS w w w . g u t i e r r e z g r o u p . c o m . c o What is it about?

FACTORING WITH JUDGMENTS w w w . g u t i e r r e z g r o u p . c o m . c o What is it about?

F A C T O R I N G W I T H J U D G M E N T S FACTORING WITH JUDGMENTS w w w . g u t i e r r e z g r o u p . c o m . c o What is it about? FACTORING It is precisely after the judgment is won by This out-of-the-box product uses the - the

199 views • 7 slides
Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i &gt; 0 Tanja Lange

Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i &gt; 0 Tanja Lange

1 2 Public-key cryptography Q sieve Daniel J. Bernstein Sieving small integers i &gt; 0 Tanja Lange using primes 2 ; 3 ; 5 ; 7: 1 Part II: 2 2 3 3 Factorization 4 2 2 5 5 6 2 3 15 August 2017 7 7 8 2 2 2 9 3 3 10 2 5 Sage

1.93k views • 161 slides
Number Theory A bit more depth. . . modular arithmetic primes Euclids algorithm

Number Theory A bit more depth. . . modular arithmetic primes Euclids algorithm

1 Number Theory A bit more depth. . . modular arithmetic primes Euclids algorithm Chinese remainder theorem Eulers totient function Eulers theorem 2 Modular Arithmetic m; n integers, n &gt; 0

2.23k views • 15 slides
Generating random primes faster The standard algorithm to generate random primes: D. J.

Generating random primes faster The standard algorithm to generate random primes: D. J.

1 2 Generating random primes faster The standard algorithm to generate random primes: D. J. Bernstein proof.arithmetic(False) while True: pqRSA project team: p = randrange(2^(n-1),2^n) Daniel J. Bernstein p = ZZ(p) Josh Fried if

826 views • 14 slides
ROMA: A Middleware Framework for Seamless Handover Adrian Popescu, David Erman , Karel de

ROMA: A Middleware Framework for Seamless Handover Adrian Popescu, David Erman , Karel de

ROMA: A Middleware Framework for Seamless Handover Adrian Popescu, David Erman , Karel de Vogeleer, Alexandru Popescu, Markus Fiedler Situation today Device heterogeneity Access network heterogeneity Application heterogeneity

772 views • 16 slides
E ff ects of Radioactivity on Superconducting Quantum Bits Laura Cardani for the DEMETRA

E ff ects of Radioactivity on Superconducting Quantum Bits Laura Cardani for the DEMETRA

E ff ects of Radioactivity on Superconducting Quantum Bits Laura Cardani for the DEMETRA Collaboration Istituto Nazionale di Fisica Nucleare - Roma 09/09/2019 TAUP , Toyama, Japan Superconducting QUBITS Qubit: any two level system (many

431 views • 24 slides
MM Roma 10 03 2015 Riunione 27 marzo, situazione ordini incollatrice,

MM Roma 10 03 2015 Riunione 27 marzo, situazione ordini incollatrice,

MM Roma 10 03 2015 Riunione 27 marzo, situazione ordini incollatrice, Situazione camera pulita, delivery dei componenti, tempi costruzione, workflow (P.Bagnaia) stato QAQC: leak test, limbo, controlli vari

472 views • 12 slides
Smart Objects SAPIENZA Universit di Roma, M.Sc. in Product Design Fabio Patrizi 1 What is a

Smart Objects SAPIENZA Universit di Roma, M.Sc. in Product Design Fabio Patrizi 1 What is a

Smart Objects SAPIENZA Universit di Roma, M.Sc. in Product Design Fabio Patrizi 1 What is a Smart Object? Essentially, an object that: Senses Thinks Acts 2 Example 1 https://www.youtube.com/watch?v=6bNcjD8ekE0 3 Example 2

1.46k views • 128 slides
Introduction to Galois Representations Applications Plan for today Serres Cyclicity NATO

Introduction to Galois Representations Applications Plan for today Serres Cyclicity NATO

Dipartim. Mat. &amp; Fis. Universit` a Roma Tre Introduction to Galois Representations Applications Plan for today Serres Cyclicity NATO ASI, Ohrid 2014 Conjecture Lang Trotter Conjecture Arithmetic of Hyperelliptic Curves for trace of

726 views • 31 slides
LOD 2014 LINKED DATA IN THE CURRICULUM OF THE DILL INTERNATIONAL MASTER Anna Maria Tammaro,

LOD 2014 LINKED DATA IN THE CURRICULUM OF THE DILL INTERNATIONAL MASTER Anna Maria Tammaro,

LOD 2014 LINKED DATA IN THE CURRICULUM OF THE DILL INTERNATIONAL MASTER Anna Maria Tammaro, Universita di Parma Vittore Casarosa, ISTI-CNR, Pisa Carlo Meghini, ISTI-CNR, Pisa Roma 20 Febbraio 2014 DILL DIgital Libraries Learning

488 views • 17 slides
R ESIDUAL STRESS MEASUREMENT BY FIB A controlled removal of a small material volume is

R ESIDUAL STRESS MEASUREMENT BY FIB A controlled removal of a small material volume is

F OCUSED I ON B EAM TECHNIQUES FOR RESIDUAL STRESS ANALYSIS AT THE MICRON - SCALE Marco Sebastiani University of Rome Roma TRE Engi nee ri ng Department Materials Science and Technology Group 7th Annual FIB SEM Workshop Thursday, February 27th,

295 views • 26 slides
Universit di Roma La Sapienza Dipartimento di Informatica e Sistemistica An accurate

Universit di Roma La Sapienza Dipartimento di Informatica e Sistemistica An accurate

Universit di Roma La Sapienza Dipartimento di Informatica e Sistemistica An accurate closed-form estimate of ICPs covariance Andrea Censi Based on the analysis of the error function. Advantages over previous approaches:

535 views • 20 slides

More recommend