A Framework for Filtering Step of Number Field Sieve and Function Field Sieve

Abstract

ABSTRACT Public key cryptography is based on two popular mathematical hard problems namely the integer factorization and discrete logarithm problem. Number Field Sieve (NFS) and Function Field Sieve (FFS) are the most efficient and widely used algorithms to solve integer factorization and discrete logarithm problems. The main phases of these algorithms are polynomial selection, relation collection and linear algebra. Among these steps, relation collection and linear algebra are the most computationally costly. The filtering step is used in between relation collection and linear algebra step, which employs several strategies to reduce the coefficient matrix size and makes the matrix suitable for linear algebra, so that linear algebra takes comparatively lesser time. This paper presents a complete framework for the filtering step in the NFS class of algorithms. In this paper, the filtering step is considered as two main sub-phases. The two phases are namely matrix construction and matrix reduction. In the first sub-phase, the relations collected from the relation collection step are structured to represent in a matrix form. The main goal of this phase is to construct a relation from the smooth elements obtained in the relation collection phase along with the other necessary inputs with respect to NFS class of algorithms. The second sub-phase deals with matrix reduction in which various strategies such as duplicate removal, singleton removal, clique removal and merge are applied to reduce the overall matrix size preserving the sparsity at the same time. Algorithms for the first and second phases are designed and analyzed in the paper. The experiments are conducted on the relations collected from standard tool CADO-NFS and the results are reported. From the results, it is shown that the filter map structure presented in the current work for matrix representation helps to improve the overall performance of filtering module. Specifically, the method to handle duplicates in the matrix instead of the traditional method improves the duplicate removal module of filtering. Additionally, an optimized clique removal method of filtering which is introduced in the present work further improves the performance of filtering.