![]() |
|
|
#1 |
|
Sep 2006
310 Posts |
Everyone appears to be saying (not necessarily here, but other places) that RSA-704 is a product of two 106 digit primes. I can't think of a reason that this has to be. Is it stated officially that this is the case?
|
|
|
|
|
|
#2 | |
|
Undefined
"The unspeakable one"
Jun 2006
My evil lair
6,793 Posts |
Quote:
Although there is a good chance that the two primes are both 106 digits numbers, since that would make some methods of factorisation harder than if using a smaller prime and a bigger prime. eg. 2 digit prime + 210 digit prime would be trivial to break but 106+106=non_trivial to break. |
|
|
|
|
|
|
#3 |
|
Jun 2003
125308 Posts |
I don't know whether it is "officially" stated... But it is well known that all the RSA numbers have two factors of equal _bit_ length. So for RSA 704, it would be two 352 bit factors.
After looking at the actual number, it looks like the factors will be between 8070373681869514072734228812145027220094678854297782287717332620153464615011270601823360738857596970569827 and 9173994463960286046443283581208347763186259956673124494950355357547691504353939232280074212440502746218496 (2^352) |
|
|
|
|
|
#4 |
|
Sep 2006
112 Posts |
Thanks for the replies. Any idea why they are believed to be of equal length? The numbers I came up with for upper/lower bound are different than yours. Could you elaborate on how you came up with those numbers?
|
|
|
|
|
|
#5 |
|
Jun 2003
23×683 Posts |
The factors must both be 352 bits in length. Largest 352 bit number = 2^352-1, thus yielding the upper bound. Lower bound is simply (RSA 704 / Upper bound).
|
|
|
|
|
|
#6 |
|
Tribal Bullet
Oct 2004
5·23·31 Posts |
Because if they were not it would theoretically be easier to collect RSA prize money, and because all RSA challenge number factored to date have had equal size factors, and because customers expect optimal security from generated keys, which requires the modulus to have equal size factors.
jasonp |
|
|
|
|
|
#7 |
|
Aug 2004
italy
113 Posts |
|
|
|
|
|
|
#8 |
|
Jul 2005
2816 Posts |
You will get a statement as official as it gets from one of the people who created the RSA challenge numbers that the two factors are always the same bit length (In the case of RSA-704 they each contain 352 significant bits). He posts here and over at the Yahoo Prime numbers forum but I'm embarrassed to say I can't recall his name (Silverman?), and don't have a link handy.
The way I understand it, their program generated the factors and tested them for vulnerabilities and produced the RSA Challenge numbers, but NO ONE has ever seen or otherwise had access to the factors of the unsolved RSA challenge numbers. -- Ron |
|
|
|
|
|
#9 |
|
"Nancy"
Aug 2002
Alexandria
2,467 Posts |
Yes, Robert D. Silverman. He posted a brief description of the key generation process on this board sometime, see http://www.mersenneforum.org/showthr...070&#post59070
Alex |
|
|
|
|
|
#10 | |
|
Undefined
"The unspeakable one"
Jun 2006
My evil lair
11010100010012 Posts |
Quote:
|
|
|
|
|
|
|
#11 |
|
"Nancy"
Aug 2002
Alexandria
2,467 Posts |
Read a couple of follow-up postings to the one I linked to. There's also a link to another thread where he does mention some details of the key generation process.
Alex |
|
|
|