After a quiet interval of just two weeks shy of a decade, on December 2nd the team of F. Boudot, P. Gaudry, A. Guillevic, N. Heninger, E. Thomé and P. Zimmermann announced a new record in factoring length, factoring a number created as part of the RSA Factoring Challenge.
This number is 795 bits, up from the 768-bit number successfully factored into its two prime factors back in December, 2009. In the interval, several other challenge numbers were factored, but each one was actually shorter than 768 bits.
What does this say about the strength of public-key cryptography? ...not much, in my non-expert opinion. An increase of 27 bits over a decade is, well, 2.7 bits/year. The authors estimate that their computation should be 2.25 times harder than the 768-bit number, based on scaling of the number field sieve. However, various improvements gave them an advantage, and the 4,000 CPU-core years expended on this was 3 times faster than would otherwise have been expected.
In the prior decade, 1999-2009, the record was raised from 512 bits to 768 bits, over 25 bits/year. So this appears to be quite a slowdown, with the 768-bit record having held for an extraordinarily long time. But, among other things, the cash prize was withdrawn when the RSA Challenge ended in 2007, so incentives to simply demonstrate larger and larger factoring have declined. Of course, that doesn't mean that research on the topic has ended.
So, as always an important milestone, but hard to assign too much importance to it, either positive or negative, in my opinion.
No comments:
Post a Comment