International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Non-Wafer-Scale Sieving Hardware for the NFS: Another Attempt to Cope with 1024-bit

Authors:
Willi Geiselmann
Rainer Steinwandt
Download:
URL: http://eprint.iacr.org/2006/403
Search ePrint
Search Google
Abstract: Significant progress in the design of special purpose hardware for supporting the Number Field Sieve (NFS) has been made. From a practical cryptanalytic point of view, however, none of the published proposals for coping with the sieving step is satisfying. Even for the best known designs, the technological obstacles faced for the parameters expected for a 1024-bit RSA modulus are significant. Below we present a new hardware design for implementing the sieving step. The suggested chips are of moderate size and the inter-chip communication does not seem unrealistic. According to our preliminary analysis of the 1024-bit case, we expect the new design to be about 2 to 3.5 times slower than TWIRL (a wafer-scale design). Due to the more moderate technological requirements, however, from a practical cryptanalytic point of view the new design seems to be no less attractive than TWIRL.
BibTeX
@misc{eprint-2006-21894,
  title={Non-Wafer-Scale Sieving Hardware for the NFS: Another Attempt to Cope with 1024-bit},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / RSA, cryptanalytic hardware, factoring integers, NFS},
  url={http://eprint.iacr.org/2006/403},
  note={ rsteinwa@fau.edu 13463 received 11 Nov 2006},
  author={Willi Geiselmann and Rainer Steinwandt},
  year=2006
}