Cryptography Watch

The number RSA-120 of the RSA Factoring Challenge {W} has been factored[1] by Derek Atkins, Michael Graff, Arjen K. Lenstra {W}, and Paul Leyland {W}.

The factorization is:

RSA-120 = 327414555693498015751146303749141488063642403240171463406883
* 693342667110830181197325401899700641361965863127336680673013

The computation took approximately three months.

[1] Denny, T., Dodson, B., Lenstra, A.K., Manasse, M.S. (1994), On the Factorization of RSA-120, Lecture Notes in Computer Science 773, Springer-Verlag, 1994, pp 166-174.

The number RSA-110 of the RSA Factoring Challenge {W} has been factored by Arjen K. Lenstra {W} and Mark S. Manasse.

The factorization is:

RSA-110 = 6122421090493547576937037317561418841225758554253106999
* 5846418214406154678836553182979162384198610505601062333

The computation took approximately one month.

RFC1321, specifying the MD5 Message-Digest Algorithm, has been published. This successor to MD4 is the latest work by Ron Rivest. It is a 128bit hash.

The number RSA-100 of the RSA Factoring Challenge has been factored by Arjen K. Lenstra {W}.

The factorization is:

RSA-100 = 37975227936943673922808872755445627854565536638199
* 40094690950920881030683735292761468389214899724061

RSA Labs has announced a factoring challenge in order to determine the computational feasibility of factoring large semi-prime numbers of various bit lengths. RSA Labs is offering cash prises for various size numbers in the hope that the challenge will push the science of integer factorization ahead.

RSA Labs Factoring Challenge Homepage:

http://www.rsasecurity.com/rsalabs/challenges/factoring/

R. L. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, 21(2), 1978, pp 120 - 126.

Abstract

An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intented recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be “signed” using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in “electronic mail” and “electronic funds transfer” systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret primer numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d ≡ 1(mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, n.