SHARK - A Realizable Hardware Architecture for Factoring 1024-bit Composites with the GNFS

J. Franke, T. Kleinjung, Chris­tof Paar, Jan Pelzl, C. Priplata, C. Stahlke

1st Workshop on Special-purpose Hardware for Attacking Cryptographic Systems - SHARCS 2005, Paris, France, February 24-25, 2005.


Since 1999 specialized hardware architectures for factoring numbers of 1024 bit size with the Generalized Number Field Sieve (GNFS) have attracted a lot of attention ([Ber], [ST]). Concerns about the feasibility of giant monolytic ASIC architectures such as TWIRL have been raised. Therefore, we propose a parallelized lattice sieving device called SHARK, which completes the sieving step of the GNFS for a 1024-bit number in one year. Its architecture is modular and consists of small ASICs connected by a specialized butter y transport system. We estimate the costs of such a device to be less than US$ 200 million. Because of the modular architecture based on small ASICs, we claim that this device can be built with today's technology.


tags: integer factorization, lattice sieving, RSA 1024 bit, special hardware