Optimized Implementation of the Elliptic Curve Factorization Method on a Highly Parallelized Hardware Cluster

Abstract

In this thesis we present a highly efficient, parallel implementation of the elliptic curve method (ECM) on reconfigurable hardware in order to support the general number field sieve algorithm (GNFS). The GNFS is the most effective algorithm to factor large integers. It can be used to attack the RSA cryptosystem by factoring the composite RSA modulus N = p · q. During the sieving step, a large amount of mid-sized integers have to be factored. We can use the ECM to increase the speed of this step. To provide fast modular arithmetic units, we exploit the digital signal processing elements on a Virtex-4 FPGA and increase the speed of the underlying operations compared to other FPGA implementations. We present an optimized implementation on a Virtex-4 SX35 FPGA, running 24 parallel ECM computations of phase 1 and phase 2 at 200 MHz. We propose an architecture, which can be adapted to factor 66 to 236 bit integers. The necessary hardware changes are negligible, as only the instruction sequence has to be recomputed. Our results show an improvement by more than 20% compared to all previous publications on FPGAs (which implement or estimate the second phase) both on throughput as well as cost-effectiveness. Our comparison with a recent implementation of the ECM on graphic cards indicate that even though FPGAs do not have the computational power of modern GPUs, FPGAs are more power-effective.

Extracted Key Phrases

25 Figures and Tables

Cite this paper

@inproceedings{Zimmermann2009OptimizedIO, title={Optimized Implementation of the Elliptic Curve Factorization Method on a Highly Parallelized Hardware Cluster}, author={Ralf Zimmermann and Dietmar W{\"a}tjen}, year={2009} }