https://sweis.medium.com/did-schnorr-destroy-rsa-show-me-the-factors-dcb1bb980ab0 Get started Open in app Steve Weis 890 Followers About Follow Sign in Get started Follow 890 Followers About Get started Open in app Did Schnorr destroy RSA? Show me the factors. Steve Weis Steve Weis 2 hours ago*2 min read A recent paper, "Fast Factoring Integers by SVP Algorithms" by Claus P. Schnorr, claims significant improvements in factoring that " destroys the RSA cryptosystem". If true, it would be practical to demonstrate on well known RSA factoring challenges. No such demonstration has been made. Without this, assessing the correctness of the paper will have to wait for reviewers to wade through the details and give their feedback. Image for post Image for post Claus buries the lede. Big, If True This paper drew the attention of many cryptographers because Schnorr, notable for Schnorr signatures, is an accomplished cryptographer who has worked on factoring problems for at least a decade. There have been significant improvements in factoring over the last 20 years, so a big new result from a known researcher is at least plausible. Initial misspellings and version inconsistencies led to speculation that the submission was a prank. However, the provenance of the paper has been confirmed: it is indeed Schnorr. Claimed Factoring Runtime Schnorr's paper claims to factor 400-bit moduli in 4.2*109 operations and 800-bit moduli in 8.4*1010 operations. The 800-bit claims would be 36 bits of work. That would be demonstrable on commodity hardware. For comparison, the two most recent factoring records using CADO-NFS are: * 795-bit RSA using 900 physical CPU core years set in 2019 * 829-bit RSA using 2700 physical CPU core years set in 2020 The Crypto 2020 paper "Comparing the Difficulty of Factorization and Discrete Logarithm: a 240-digit Experiment" covers some of these results. Show Me the Factors According to the claims in Schnorr's paper, it should be practical to set significant new factoring records. There is a convenient 862-bit RSA challenge that has not been factored yet. Posting its factors, as done for the CADO-NFS team's records, would lend credence to Schnorr's paper and encourage more review of the methodology. Steve Weis Working in security and cryptography. Opinions are entirely my own. Follow 86 86 86 * Cryptography More from Steve Weis Follow Working in security and cryptography. Opinions are entirely my own. More From Medium Our Cybersecurity Foundation Is Crumbling? Prof Bill Buchanan OBE in ASecuritySite: When Bob Met Alice [1] [1] 9 Painful Signs That Your Partner Is No Longer In Love With You Elizabeth Kasujja in Hello, Love [1] [1] Bitcoin Hitting $100,000 Doesn't Matter. Many People Have Missed the Point. Tim Denning in The Ascent [1] [1] NYTimes Peru N-Word, Part Three: What Happened in the 2019 Investigation? Donald G. McNeil Jr. [1] [1] Three Things in Life That Aren't Worth The Effort Sean Kernan in Mind Cafe [1] [1] The Negative Side Effects of Beautiful Women Kim Petersen in Living Out Loud [1] [1] NYTimes Peru N-Word, Part Four: What Happened in Peru? Donald G. McNeil Jr. [1] [1] NYTimes Peru N-Word, Part Two: What Happened January 28? Donald G. McNeil Jr. [1] [1] About Help Legal Get the Medium app A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store