
Recent progress and prospects for integer factorisation algorithms, Springer-Verlag LNCS 1858 (2000)

by R P Brent
Results 1 - 9 of 9

Integer Factorization Based on Elliptic Curve Method: Towards Better Exploitation of Reconfigurable Hardware

by Giacomo De Meulenaer, François Gosset, Guerric Meurice De Dormale, Jean-jacques Quisquater
Cited by 4 (0 self)
Currently, the best known algorithm for factorizing modulus of the RSA public key cryptosystem is the Number Field Sieve. One of its important phases usually combines a sieving technique and a method for checking smoothness of mid-size numbers. For this factorization, the Elliptic Curve Method (ECM) is an attractive solution. As ECM is highly regular and many parallel computations are required, hardware-based platforms were shown to be more cost-effective than software solutions. The few papers dealing with implementation of ECM on FPGA are all based on bit-serial architectures. They use only general-purpose logic and low-cost FPGAs which appear as the best performance/cost solution. This work explores another approach, based on the exploitation of embedded multipliers available in modern FPGAs and the use of high-performance FPGAs. The proposed architecture – based on a fully parallel and pipelined modular multiplier circuit – exhibits a 15-fold improvement over throughput/hardware cost ratio of previously published results.

On the Cost of Factoring RSA-1024

by Adi Shamir, Eran Tromer - RSA CryptoBytes, 2003
Cited by 3 (0 self)
As many cryptographic schemes rely on the hardness of integer factorization, exploration of the concrete costs of factoring large integers is of considerable interest. Most research has focused on PC-based implementations of factoring algorithms; these have successfully factored 530-bit integers, but practically cannot scale much further. Recent works have placed the bottleneck at the sieving step of the Number Field Sieve algorithm. We present a new implementation of this step, based on a custom-built hardware device that achieves a very high level of parallelism "for free". The design combines algorithmic and technological aspects: by devising algorithms that take advantage of certain tradeoffs in chip manufacturing technology, efficiency is increased by many orders of magnitude compared to previous proposals. Using this hypothetical device (and ignoring the initial R&D costs), it appears possible to break a 1024-bit RSA key in one year using a device whose cost is about $10M (previous predictions were in the trillions of dollars).

Detecting Regular Visit Patterns

by Bojan Djordjevic, Joachim Gudmundsson, Anh Pham, Thomas Wolle
Cited by 3 (1 self)
Abstract. We are given a trajectory T and an area A. T might intersect A several times, and our aim is to detect whether T visits A with some regularity, e.g. what is the longest time span that a GPS-GSM equipped elephant visited a specific lake on a daily (weekly or yearly) basis, where the elephant has to visit the lake most of the days (weeks or years), but not necessarily on every day (week or year). During the modelling of such applications, we encounter an elementary problem on bitstrings, that we call LDS (LongestDenseSubstring). The bits of the bitstring correspond to a sequence of regular time points, in which a bit is set to 1 iff the trajectory T intersects the area A at the corresponding time point. For the LDS problem, we are given a string s as input and want to output a longest substring of s, such that the ratio of 1’s in the substring is at least a certain threshold. In our model, LDS is a core problem for many applications that aim at detecting regularity of T intersecting A. We propose an optimal algorithm to solve LDS, and also for related problems that are closer to applications, we provide efficient algorithms for detecting regularity.

Parallel Solution of Sparse Linear Systems Defined over GF(p)

by D. Page
Cited by 1 (0 self)
Introduction. The security of modern public-key cryptography is usually based on the presumed hardness of problems such as factoring integers or computing discrete logarithms. The Number Field Sieve [19] (NFS) and Function Field Sieve [1] (FFS) offer two examples of algorithms that can attack these problems. Such algorithms are generally specified in two phases. The first phase, sometimes called the sieving step, aims to collect many relations that represent small items of information about the problem one is trying to solve. This phase is easy to parallelise since one can generate the relations independently. It is therefore attractive for distributed, Internet based collaborative computation [26]. The second phase of processing, sometimes called the matrix step, aims to collect the relations and combine them into a single linear system which, when solved, allows one to efficiently compute answers to the original problem. Efficient implementation of the matrix step is challenging since the li

Secure Electronic Voting for Mobile Communications

by Xun Yi, Pietro Cerone, Yanchun Zhang
Abstract - Recent technological advances in mobile communications have allowed the public to take part in noncritical elections (such as deciding the most valuable player in sports events) with low-power, low-cost and small sized portable communication devices. However, more critical elections (such as political elections) have not yet been held in mobile communication environments, mainly because of security concerns, communication and computation constraints of portable communication devices. In this paper, we come up with a secure electronic election scheme in mobile communication environments, which meets completeness, soundness, privacy, unreusability, eligibility, fairness, and verifiability. Our scheme is based on blind signature and needs low computation complexity in portable communication devices.

Some Statistics for NFS Factorizations

by unknown authors, 2002
3 Finite Fields. In computational number theory and cryptographic applications, we often have to work over finite fields. A finite field F is a finite set with operations "+" and "×" which satisfy the usual associative, commutative and distributive laws:

A New Special-Purpose Factorization Algorithm

by Qi Cheng
In this paper, a new factorization algorithm is presented, which finds a prime factor p of an integer n in time (D log n), if 4p − 1 = Db where D and b are integers. Hence this algorithm will factor a number efficiently, if it has a prime factor p such that 4p − 1 is a product of a small integer and a square. Such primes should be avoided when we select the RSA secret keys. Some generalizations of the algorithm are discussed in the paper as well.

Elliptic Curve Factorization Method: Towards Better Exploitation of Reconfigurable Hardware

by Giacomo De Meulenaer, François Gosset, Guerric Meurice De Dormale, Jean-jacques Quisquater
Currently, the best known algorithm for factorizing modulus of the RSA public key cryptosystem is the Number Field Sieve. One of its important phases usually combines a sieving technique and a method for checking smoothness of mid-size numbers. For this factorization, the Elliptic Curve Method (ECM) is an attractive solution. As ECM is highly regular and many parallel computations are required, hardware-based platforms were shown to be more cost-effective than software solutions. The few papers dealing with implementation of ECM on FPGA are all based on bit-serial architectures. They use only general-purpose logic and low-cost FPGAs which appear as the best performance/cost solution. This work explores another approach, based on the exploitation of embedded multipliers available in modern FPGAs and the use of high-performance FPGAs. The proposed architecture – based on a fully parallel and pipelined modular multiplier circuit – exhibits a 15-fold improvement over throughput/hardware cost ratio of previously published results.

A New Vulnerable Class of Exponents in RSA

by Abderrahmane Nitaj
Abstract. Let N = pq be an RSA modulus, i.e. the product of two large unknown primes of equal bit-size. We consider the class of the public exponents satisfying an equation eX − NY = (ap + bq)Z with 0 < a < q, b = ap