Integer factorization: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 21:10, 14 December 2024 edit Sbmeirow (talk \| contribs) Extended confirmed users, Rollbackers 123,115 edits non-notable names ← Previous edit		Latest revision as of 20:54, 9 August 2025 edit undo Bender the Bot (talk \| contribs) Bots 1,064,377 edits m →External links: HTTP to HTTPS for SourceForge Tag: AWB
(9 intermediate revisions by 7 users not shown)
Line 7: To factorize a small integer {{mvar\|n}} using mental or pen-and-paper arithmetic, the simplest method is [[trial division]]: checking if the number is divisible by prime numbers {{math\|2}}, {{math\|3}}, {{math\|5}}, and so on, up to the [[square root]] of {{mvar\|n}}. For larger numbers, especially when using a computer, various more sophisticated factorization algorithms are more efficient. A prime factorization algorithm typically involves [[primality test\|testing whether each factor is prime]] each time a factor is found. When the numbers are sufficiently large, no efficient non-[[quantum computer\|quantum]] integer factorization [[algorithm]] is known. However, it has not been proven that such an algorithm does not exist. The presumed [[Computational hardness assumption\|difficulty]] of this problem is important for the algorithms used in [[cryptography]] such as [[RSA (cryptosystem)\|RSA public-key encryption]] and the [[Digital Signature Algorithm\|RSA digital signature]].<ref>{{Citation \|last=Lenstra \|first=Arjen K. \|title=Integer Factoring \|date=2011 ~~\|url=http://link.springer.com/10.1007/978-1-4419-5906-5_455~~ \|encyclopedia=Encyclopedia of Cryptography and Security \|pages=611–618 \|editor-last=van Tilborg \|editor-first=Henk C. A. \|place=Boston~~, MA~~ \|publisher=Springer ~~US \|language=en~~ \|doi=10.1007/978-1-4419-5906-5_455 \|isbn=978-1-4419-5905-8 ~~\|access-date=2022-06-22~~ \|editor2-last=Jajodia \|editor2-first=Sushil }}</ref> Many areas of [[mathematics]] and [[computer science]] have been brought to bear on this problem, including [[elliptic curve]]s, [[algebraic number theory]], and quantum computing. Not all numbers of a given length are equally hard to factor. The hardest instances of these problems (for currently known techniques) are [[semiprime]]s, the product of two prime numbers. When they are both large, for instance more than two thousand [[bit]]s long, randomly chosen, and about the same size (but not too close, for example, to avoid efficient factorization by [[Fermat's factorization method]]), even the fastest prime factorization algorithms on the fastest classical computers can take enough time to make the search impractical; that is, as the number of digits of the integer being factored increases, the number of operations required to perform the factorization on any classical computer increases drastically. Many cryptographic protocols are based on the presumed difficulty of factoring large composite integers or a related ~~problem—for~~problem {{Ndash}}for example, the [[RSA problem]]. An algorithm that efficiently factors an arbitrary integer would render [[RSA (algorithm)\|RSA]]-based [[public-key]] cryptography insecure. == Prime decomposition == Line 24: Among the {{math\|''b''}}-bit numbers, the most difficult to factor in practice using existing algorithms are those [[semiprimes]] whose factors are of similar size. For this reason, these are the integers used in cryptographic applications. In 2019, ~~a group factored~~ a 240-digit (795-bit) number ([[RSA-240]]) was factored by a team of researchers including [[Paul Zimmermann (mathematician)\|Paul Zimmermann]], utilizing approximately 900 core-years of computing power.<ref>{{cite web\| url = https://lists.gforge.inria.fr/pipermail/cado-nfs-discuss/2019-December/001139.html\| url-status = dead\| archive-url = https://web.archive.org/web/20191202190004/https://lists.gforge.inria.fr/pipermail/cado-nfs-discuss/2019-December/001139.html\| archive-date = 2019-12-02\| title = [Cado-nfs-discuss] 795-bit factoring and discrete logarithms}}</ref> ~~The~~These researchers estimated that a 1024-bit RSA modulus would take about 500 times as long.<ref name=rsa768>{{cite conference \| last1 = Kleinjung \| first1 = Thorsten \| last2 = Aoki \| first2 = Kazumaro Line 190: == External links == * [~~http~~https://sourceforge.net/projects/msieve/ msieve] – SIQS and NFS – has helped complete some of the largest public factorizations known * Richard P. Brent, "Recent Progress and Prospects for Integer Factorisation Algorithms", ''Computing and Combinatorics"'', 2000, pp. 3–22. [http://citeseer.ist.psu.edu/327036.html download] * [[Manindra Agrawal]], Neeraj Kayal, Nitin Saxena, "PRIMES is in P." Annals of Mathematics 160(2): 781–793 (2004). [http://www.cse.iitk.ac.in/users/manindra/algebra/primality_v6.pdf August 2005 version PDF]