[144506] in cryptography@c2.net mail archive

Re: Factoring attack against RSA based on Pollard's Rho

daemon@ATHENA.MIT.EDU (Paul Hoffman)
Sun Jun 7 10:02:59 2009

In-Reply-To:
 <FE8262468DBD7F48A86E0EB2999D167C0215D17A@exchange.BERRYHOSTING.CA>
Date: Sat, 6 Jun 2009 17:16:30 -0700
To: "Greg Perry" <Greg.Perry@liveammo.com>, <cryptography@metzdowd.com>
From: Paul Hoffman <paul.hoffman@vpnc.org>

At 8:07 PM -0700 6/5/09, Greg Perry wrote:
>Greetings list members,
>
>I have published a unique factoring method related to Pollard's Rho that
>is published here:
>
>http://blog.liveammo.com/2009/06/factoring-fun/
>
>Any feedback would be appreciated.

Is there any practical value to this work? That's a serious question. The main statement about the value is "This is a factoring attack against RSA with an up to 80% reduction in the search candidates required for a conventional brute force key attack." Does that mean that it reduces the search space for a 1024-bit RSA key to, at best, 205 bits (0.2 * 1024) of brute force? That is a silly reduction; reducing it to anything less than the estimate for NFS (about 80 bits) is not useful. Or, can this attack be combined with NFS? Or...?

--Paul Hoffman, Director
--VPN Consortium

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com