Cryptology ePrint Archive: Report 2017/351

Post-quantum RSA

Daniel J. Bernstein and Nadia Heninger and Paul Lou and Luke Valenta

Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today's computers while (2) all known attacks are infeasible, even assuming highly scalable quantum computers. As part of the performance analysis, this paper introduces a new algorithm to generate a batch of primes. As part of the attack analysis, this paper introduces a new quantum factorization algorithm that is often much faster than Shor's algorithm and much faster than pre-quantum factorization algorithms. Initial pqRSA implementation results are provided.

Category / Keywords: public-key cryptography / post-quantum cryptography, RSA scalability, Shor's algorithm, ECM, Grover's algorithm, Make RSA Great Again

Original Publication (in the same form): PQCrypto 2017

Date: received 19 Apr 2017

Contact author: authorcontact-pqrsa at box cr yp to

Available format(s): PDF | BibTeX Citation

Version: 20170426:172322 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]