Speeding up Integer Multiplication and Factorization

Alexander Kruppa 1
1 CARAMEL - Cryptology, Arithmetic: Hardware and Software
INRIA Nancy - Grand Est, LORIA - ALGO - Department of Algorithms, Computation, Image and Geometry
Abstract : This thesis explores improvements to well-known algorithms for integer multiplication and factorization.

The Schönhage-Strassen algorithm for integer multiplication, published in 1971, was the first to achieve complexity O(n log(n) log(log(n))) for multiplication of n-bit numbers and is still among the fastest in practice. It reduces integer multiplication to multiplication of polynomials over finite rings which allow the use of the Fast Fourier Transform for computing the convolution product. In joint work with Gaudry and Zimmermann, we describe an efficient implementation of the algorithm based on the GNU Multiple Precision arithmetic library, improving cache utilization, parameter selection and convolution length for the polynomial multiplication over previous implementations, resulting in nearly 2-fold speedup.

The P-1 and P+1 factoring algorithms find a prime factor p of a composite number quickly if p-1, respectively p+1, contains no large prime factors. They work in two stages: the first step computes a high power g1 of an element g0 of a finite group defined over Fp, respectively Fp^2, the second stage looks for a collision of powers of g1 which can be performed efficiently via polynomial multi-point evaluation. In joint work with Peter Lawrence Montgomery, we present an improved stage 2 for these algorithms with faster construction of the required polynomial and very memory-efficient evaluation, increasing the practical search limit for the largest permissible prime in p-1, resp. p+1, approximately 100-fold over previous implementations.

The Number Field Sieve (NFS) is the fastest known factoring algorithm for ``hard'' integers where the factors have no properties that would make them easy to find. In particular, the modulus of the RSA encryption system is chosen to be a hard composite integer, and its factorization breaks the encryption. Great efforts are therefore made to improve NFS in order to assess the security of RSA accurately. We give a brief overview of the NFS and its history. In the sieving phase of NFS, a great many smaller integers must be factored. We present in detail an implementation of the P-1, P+1, and Elliptic Curve methods of factorization optimized for high-throughput factorization of small integers. Finally, we show how parameters for these algorithms can be chosen accurately, taking into account the distribution of prime factors in integers produced by NFS to obtain an accurate estimate of finding a prime factor with given parameters.

Document type :
Other [cs.OH]. Université Henri Poincaré - Nancy I, 2010. English

Contributor : Alexander Kruppa <>
Submitted on : Wednesday, April 28, 2010 - 2:15:58 PM
Last modification on : Tuesday, September 22, 2015 - 1:13:13 AM


  • HAL Id : tel-00477005, version 2



Alexander Kruppa. Speeding up Integer Multiplication and Factorization. Other [cs.OH]. Université Henri Poincaré - Nancy I, 2010. English. <tel-00477005v2>




Consultation de
la notice


Téléchargement du document