SchnorrGate
fplll
Our great sponsors
SchnorrGate | fplll | |
---|---|---|
13 | 2 | |
302 | 291 | |
- | 3.1% | |
1.8 | 5.7 | |
over 1 year ago | 24 days ago | |
Sage | C++ | |
- | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SchnorrGate
-
Chinese researchers claim to find way to break encryption using quantum computers
They use Schnorr’s algorithm for factoring, which is very different from Shor’s algorithm that you might have heard of. It is not clear that is actually scales to larger numbers like the authors propose here. There is evidence that it requires much larger lattices than they claim. Still something to investigate further, but not an immediate worry I think.
-
Breaking RSA with a Quantum Computer
Here's an implementation of Schnorr's algorithm with an attempt to estimate the amount of work needed to factorize big numbers: https://github.com/lducas/SchnorrGate
It also contains some links to critique of the Schnorr's algorithm paper. It looks like either much more p_n-smooth integer pairs are needed or the size of the p_n-smooth integers should be much bigger than estimated by original Schnorr's paper. Or both estimations are off.
As the paper discussed Schneier relies on the assumptions of the (classic) Schnorr's algorithm, it may also be off in the calculations as well.
- No, RSA Is Not Broken
-
Prime-factor mathematical foundations of RSA cryptography ‘broken’, claims cryptographer
https://github.com/lducas/SchnorrGate is an analysis from someone that attempted to implement the code in the paper. It sounds like there are some "sensible" ideas in the paper, but that it doesn't hold up as well as claimed.
- Help needed to create algorithm based on Schnorr RSA paper
-
Simple Questions
Leo Ducas has a sage implementation of the algorithm here. You may also be interested in this crypto SE thread discussing the method.
-
Fast Factoring Integers by SVP Algorithms
Someone implemented it and it seems worst than what actually exists: https://github.com/lducas/SchnorrGate
-
Schnorr confirms paper is his, claims it “destroys RSA cryptosystem”
SchnorrGate
- SchnorrGate – Testing Schnorr's Factoring Claim in Sage
fplll
-
Schnorr confirms paper is his, claims it “destroys RSA cryptosystem”
It's using the FPLLL lattice reduction library.
-
Did Schnorr destroy RSA? Show me the factors
where ~= means "approximately equal to".
u is chosen as the product of primes of all a_i > 0 and v is chosen to be the product of all primes where a_i < 0. The hope is that (u - v*N) is also p_{n-1}-smooth, which, as far as I understand, most of the math in the paper is trying to justify.
The main innovation here, as far as I can tell, is that Schnorr is fiddling with the 'weighting' of the main diagonal when constructing the lattice basis. I interpret this as basically trying to randomize the initial lattice basis so that the chances of getting a different integer relation (for eventual construction of u,v) is more probable.
I've been confused about this for over a decade as variants of this algorithm, and Schnorr's work in general, have been well published. For example, there's a paper from 2010 on "A Note on Integer Factorization Using Lattices" by Antonio Vera which discusses Schnorr's [3] construction.
Is Schnorr trying to shout louder so people will listen or is there something else fundamentally flawed with this type of algorithm?
Just a word of warning, LLL solves polynomial factorization in polynomial time (given a polynomial with integer coefficients, find it's factor polynomials also with integer coefficients) [4] and has been used to break other (now very old) cryptosystems [5]. If there's a candidate algorithm to solve integer factoring, lattice reduction (LLL, PSLQ, etc.) are it.
I know of fplll that's a stand alone (FOSS) implementation of LLL and some extensions (BKZ, etc.) [6].
[0] https://en.wikipedia.org/wiki/Lattice_reduction
[1] https://en.wikipedia.org/wiki/Lenstra%E2%80%93Lenstra%E2%80%...
[2] https://www.newton.ac.uk/files/seminar/20140509093009501-202...
[3] https://arxiv.org/pdf/1003.5461.pdf
[4] https://en.wikipedia.org/wiki/Factorization_of_polynomials#F...
What are some alternatives?
GLM - OpenGL Mathematics (GLM)
root - The official repository for ROOT: analyzing, storing and visualizing big data, scientifically
EUL - The mathEmatics Useful Library (the name is a work in progress) is a math general purpose c++20 header library that, among other things, features a big integer implementation.
casadi - CasADi is a symbolic framework for numeric optimization implementing automatic differentiation in forward and reverse modes on sparse matrix-valued computational graphs. It supports self-contained C-code generation and interfaces state-of-the-art codes such as SUNDIALS, IPOPT etc. It can be used from C++, Python or Matlab/Octave.
C-Plus-Plus - Collection of various algorithms in mathematics, machine learning, computer science and physics implemented in C++ for educational purposes.
ExprTK - C++ Mathematical Expression Parsing And Evaluation Library https://www.partow.net/programming/exprtk/index.html