Home to extremely big numbers (Image: Brian Snyder/Reuters)

The first tests of a “factorisation factory” have beaten the record for breaking gigantic numbers down into their prime-number building blocks. It might one day force firms to strengthen their online encryption.

All non-prime numbers can be made by multiplying prime numbers together. Cryptographic algorithms use the fact that reversing-engineering this multiplication, or factorising, is very difficult for large numbers. New factorising methods are tested on huge “RSA numbers”, each of which is the product of multiplying two prime numbers, known only to encryption firm RSA Security.

Factoring a single RSA number is a massive effort, says Arjen Lenstra of the Swiss Federal Institute of Technology in Lausanne, so he and colleagues have developed a factorisation factory that can tackle multiple target numbers at once. The technique, first proposed in the 1990s, saves effort by pre-computing a massive table of equations that apply to all the target numbers, then doing additional computation for each one.


“You can obtain great savings per number to be factored once you have done this very large pre-computation,” says Lenstra.

Testing the technique on RSA numbers is currently too hard, so Lenstra turned to Mersenne numbers, which are always in the form 2n-1, where n is any number. These aren’t important for cryptography but provide a useful test of the idea because their form makes them somewhat easier to factor.

2000 years’ work

The team started attacking 17 of these numbers in 2010. Now they have factored 10, after the equivalent of 2000 years’ computation on a high-end PC – about 50 per cent faster than doing them one at a time. The highest number factored was 21193-1, a record. That number is roughly the same size as the 1024-bit RSA numbers used in encryption today – 1024 being their length in binary code – although RSA numbers are much harder than Mersenne numbers to crack.

The previous record was a 768-bit number which Lenstra’s team and others factored in 2010. Much smaller 512-bit numbers used to be the encryption standard but in 1990 Lenstra helped crack a 512-bit number in a similar form to the Mersenne numbers. Nine years later he went on to break an RSA number of the same size, which contributed to the industry upgrading to 1024-bit. This new work could push things again, Lenstra says, but adds that there’s no need to worry about your online security yet.

Greg Childers of California State University in Fullerton agrees but says it could lead to future advances. “It is not the significant breakthrough that we are looking for, but in a field that has seen little movement in the past couple of decades even small advances are worthy of excitement.”

Reference: Cryptology ePrint Archive, eprint.iacr.org/2014/653