Paper 2015/071
Factoring N=p^r q^s for Large r and s
Jean-Sebastien Coron, Jean-Charles Faugere, Guenael Renault, and Rina Zeitoun
Abstract
Boneh et al. showed at Crypto 99 that moduli of the form N=p^r q can be factored in polynomial time when r=log p. Their algorithm is based on Coppersmith's technique for finding small roots of polynomial equations. In this paper we show that N=p^r q^s can also be factored in polynomial time when r or s is at least (log p)^3; therefore we identify a new class of integers that can be efficiently factored. We also generalize our algorithm to moduli N with k prime factors; we show that a non-trivial factor of N can be extracted in polynomial-time if one of the k exponents is large enough.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Major revision. CT-RSA 2016
- Keywords
- Factoring N=p^r q^sCoppersmith's AlgorithmLLLRSA.
- Contact author(s)
- jean-sebastien coron @ uni lu
- History
- 2015-11-24: last of 2 revisions
- 2015-02-10: received
- See all versions
- Short URL
- https://ia.cr/2015/071
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/071, author = {Jean-Sebastien Coron and Jean-Charles Faugere and Guenael Renault and Rina Zeitoun}, title = {Factoring N=p^r q^s for Large r and s}, howpublished = {Cryptology {ePrint} Archive, Paper 2015/071}, year = {2015}, url = {https://eprint.iacr.org/2015/071} }