Sieving Hardware for Factoring and ECM Support

Christine Priplata
Edizone

The best known algorithm for factoring RSA moduli of e.g. 1024 bit is the general number field sieve. One of its expensive parts is the relation collection step. The talk discusses algorithms and special-purpose hardware for this step,
in particular the parallelized lattice sieving device SHARK, which has a modular architecture consisting of small ASICs. In addition it is considered how such a
device can be well supported by specialized ECM hardware to finally accelerate
the relation collection step substantially.

Audio (MP3 File, Podcast Ready) Presentation (PDF File)

Back to Workshop IV: Special purpose hardware for cryptography: Attacks and Applications