Cryptology beyond Shannon’s Information Theory:
Preparing for When the ‘Enemy Knows the System’
With Technical Focus on
Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites
Yogesh Malhotra, PhD www.yogeshmalhotra.com
Griffiss Cyberspace, Global Risk Management Network, LLC
www.griffisscyberspace.org, www.finrm.org May 03, 2013
"A cryptosystem should be secure even if the attacker knows all details about the system, with
the exception of including the secret key."
- Yogesh Malhotra’s reformulation of Kerckhoffs's principle, 2013
"The enemy knows the system, but you ‘know’ better."
- Yogesh Malhotra’s reformulation of Shannon’s maxim, 2013
Abstract
"A cryptosystem should be secure even if the attacker knows all details about the system, with
the exception of including the secret key."
- Yogesh Malhotra’s reformulation of Kerckhoffs's principle, 2013
"The enemy knows the system, but you ‘know’ better."
- Yogesh Malhotra’s reformulation of Shannon’s maxim, 2013
The problem is introduced as creation of encryption algorithms whose cracking is computationally
infeasible. Hegelian dialectic questioning that premise is posed by invoking Poe asking if it is even
possible for human ingenuity to ‘concoct a cipher’ which human ingenuity cannot resolve. Symmetric and
public key cryptography as well as various RSA benchmarks are reviewed to develop a sense of the
encryption vulnerability trend. Apparent overconfidence of expert scientist Rivest in his RSA encryption
is introduced as what he later called ‘our infamous “40 quadrillion years”’ challenge.1 Recognizing that
the ‘40 quadrillion years’ challenge became unraveled in less than a minuscule of tiniest fraction of order
~ 10-15
of estimated time to failure is the backdrop of the timeline of RSA failures depicting strong
encryption vulnerability trend. Next RSA benchmark on cusp of being cracked – unless it has already
been cracked in private – is the global encryption standard RSA-1024 in worldwide use for the most
critical national, economic and industrial activities. Factoring algorithms, the devil’s advocate to
cryptologists’ claim of computational infeasibility of encryption failures are introduced with discussion of
general and special purpose factoring algorithms. Central technical focus is on Number Field Sieve
(NFS), most potent of all factoring known algorithms used for recent strongest attacks. 5-phase operation
of NFS is discussed with specific focus on: polynomial selection, finding factor bases, sieving for optimal
congruent relations, solving linear equations with matrix, and computing square roots in number fields.
Then my investigation returns to the original question: What if Poe’s foresight about human
cryptologist’s ingenuity not being able to outsmart human cryptanalyst’s ingenuity was not far from
reality? Increasingly devastating real world encryption failures are reviewed lending credence to Poe’s
thesis. Parallels between Poe’s insight and Claude Shannon’s maxim and Kerckhoffs's principle are
clarified. By adapting both to bridge information theoretic information processing and my work on
human sense making (Malhotra 2001) I introduce the sketch of a new cryptology principle: Malhotra’s
principle of no secret keys. The proposed sketch develops upon my 20-yr information and communication
systems research which also included focus on issues such as competitive intelligence, misinformation
and disinformation. It further advances beyond my original communication with John Holland, the
inventor of genetic algorithms in 1995. Based on Holland’s observation that Shannon’s notion of
information in information theory missed critical human aspects of meaning, sense making, and knowing,
my research developed a widely accepted knowledge management framework applied by global
organizations such as NASA, US AFRL, US Army, US Navy, and US Air Force. The proposed principles
based on that framework aim to complement Shannon’s information theory originally designed for
controlling machines based on my research on the psychology of information, meaning, sense making,
and knowing. What having and knowing mean in the human behavior framework can fundamentally
advance notions such as information theory based two factor authentication by fundamentally rethinking
and reformulating very basic ideas such as: something that you have and something that you know.
1 Rivset, Ronald R. The Early Days of RSA – History and Lessons, ACM Turing Award Lecture.
“Few persons can be made to believe that it is not quite an easy thing to invent a method of
secret writing which shall baffle investigation. Yet it may be roundly asserted that human
ingenuity cannot concoct a cipher which human ingenuity cannot resolve…”
-- Edgar Allan Poe
Introduction
Over 200 years ago, Edgar Allan Poe, a 19th century American author and poet known
for his influence on the field of cryptography, made the above comment. Consistent
with observations of some of the later scientists known for their central role in
advancing cryptography, he tended to “no cipher could be invented that could not also
be ‘unriddled’” (Gardner 1977).
More recent advances in cryptography have led to the development of symmetric
shared secret key based cryptography and subsequently public key cryptography that
does away with the need for the shared secret key. Diffie Helman invented public key
cryptography in 1976 which enabled encryption of messages and their authentication
by digital signatures. Next year, in 1977, Ron Rivest, Adi Shamir, and Leonard Adleman
introduced the RSA algorithm to enable public key cryptosystems. RSA’s cryptographic
strength was based upon presumed computational infeasibility of factorization of large
composite numbers created from very large ‘hard’ prime numbers. Even though the
private key used for encryption and decryption does not need to be shared in public key
cryptosystems, it is mathematically related to the public key. The cryptanalytic defense
of such system is in ensuring computational infeasibility of derivation of the private key
even though public key as well as their composite product is known.
An article published in the Scientific American (Gardner 1977) announced the new RSA
algorithm in its Mathematical Games column. The column offered a reward of $100 to
the first person who could decode the cipher text generated by the use of the RSA
encryption algorithm. The column observed that “It is this practical impossibility, in any
foreseeable future, of factoring the product of two large primes that makes the M.I.T.
public key cipher system possible.” It further underscored: “If the best algorithm
known and the fastest of today's computers were used, Rivest [the R in RSA] estimates
that the running time required would be about 40 quadrillion years!” Incidentally, the
RSA challenge estimated to remain undefeated for 105 times the life of the universe,
estimated around 1010, was won much earlier.
The Original RSA Challenge in Scientific American column Mathematical Games, 1977
In fact, the RSA challenge was won within 17 years! Moore’s law asserts that
computing machinery doubles in processing power every 1.5 years or so: that does
seem to account for a 12-fold improvement. Moore’s law doesn’t explain the ~ 1015 times
overestimation about RSA’s purported encryption strength in any case! The current cause
for concern isn’t about the original RSA challenge being unraveled in 17 short years.
However, it is about the 1015 x magnitude by which one of the very best experts in the
discipline and practice overestimated the time to capitulation of 129-digit RSA.
Furthermore, the crucial concern is also about the trend of capitulations of increasingly
stronger RSA standards with perhaps the most critical of them all being the current
predominant 309-digit RSA-1024 which is the current gold standard of encryption.
Current Cause of Critical Concern is
based upon three issues: 1015x factor of
‘overconfidence’ in the RSA benchmark,
trend of stronger RSA capitulations
since then and most importantly the
current gold standard which is on cusp
of being broken… unless it is already
broken but not publicly revealed.
Even though NIST2 has approved larger key sizes of 2048 and 3072, RSA3 “currently
recommends key sizes of 1024 bits for corporate use and 2048 bits for extremely
valuable keys like the root key pair used by a certifying authority.”
2
NIST Special Publication 800 - 57 Recommendation for Key Management Part 1: General (Revision 3).
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
Factoring Algorithms
Real defense or sustained viability of any encryption standard or encryption algorithm
depends upon the “practical impossibility, in any foreseeable future” of “factoring the
product of two large primes” as we already know. Hence, the factoring algorithms that
make the process of breaking such encryption benchmarks easier, cheaper, and faster
are of vital importance. For instance, Number Field Sieve, in its various forms, is
currently recognized as the most powerful family of factoring algorithms and was used
in most recent factoring attacks. Factoring algorithms come in two broad classifications:
special purpose factoring algorithms and general purpose factoring algorithms.
Of the two types, Special Purpose Factoring Algorithms (SPFA) are suitable for
factorizing composites of special classes of numbers such as Mersenne primes and
Fermat numbers. While suitable for factoring smooth composites with small prime
factors, SPFA can’t factor hard composites of large prime numbers that are relevant for
RSA encryption. Their efficiency depends upon unknown factors: they are too slow for
most factoring jobs and would run forever or fail to run for RSA composites. Special Purpose Factoring Algorithms and General Purpose Factoring Algorithms
Examples of SPFA include: Trial division (trial divide possible factors, check for zero
remainder), Pollard’s p – 1 (based on Fermat’s Little Theorem), Pollard’s ƒΟ (Monte
Carlo method: 8th), and Elliptic Curve Method (ECM) (p − 1 for points on elliptic curve).
General Purpose Factoring Algorithms (GPFAs) which are suitable for factoring
RSA-type hard composites with no small prime factors are the second type of factoring
3 How large a key should be used in the RSA cryptosystem? http://www.rsa.com/rsalabs/node.asp?id=2218.
algorithms. They can factor any integer of a given size in about same time as any integer
of that size and their efficiency depends on the size of integer to factor.
General Purpose Factoring Algorithms Are Used for Factoring RSA Type Hard Composites
Three specific GPFAs listed above, Continued Fractions Algorithm (CFRAC), Quadratic
Sieve Algorithm (QS), and Number Field Sieve Algorithm (NFS), all operate on the
basis of the congruence of squares. Congruence of squares in the context of factoring a
hard composite n into its factors p and q can be understood as follows.
If we can find a function that satisfies: n = x2 – y2, we get factors of n: (x + y), (x – y).
Given that a large set of numbers needs to be searched with few satisfying the above
relation, this algorithm is slow. Hence, to speed things up to get a faster algorithm, n
can be factored to satisfy the following weaker congruence of squares condition.
n divides the composite product of two factors (x + y) (x - y), but it doesn’t divide (x + y)
or (x - y) alone so that the above modulus condition is satisfied. Thus, (x + y) and (x - y)
represent the two prime factors of n, namely p and q. Using Euclidean algorithm, the
greatest common divisors of (x + y, n) and (x - y, n) will yield these factors.
A comparison of representative sieve algorithms shown below recognizes the number
field sieve (NFS) as the fastest, i.e., most efficient algorithm for factorization of large
numbers that make hard composites for RSA encryption particularly for > 100 digits.
Number Field Sieve is the Best Known Algorithm for Factoring Large Numbers
Number Field Sieve
NFS consists of a sieving phase to search for a fixed set of prime numbers which are
candidates for a particular algebraic relationship, modulo the number to be factored.
The next matrix solving phase creates a large matrix from the candidate values and then
solves it to determine the factors. While the sieving phase can be done in a distributed
fashion on a large number of processors simultaneously, the matrix solving phase is
usually performed on a large supercomputer given its need for massive processing
power. For large hard composite n, NFS asymptotically outperforms other sieve types
such as Quadratic Sieve (QS) and Rational Sieve (RS). While RS & QS both find smooth
numbers exponential in n NFS finds smooth numbers sub-exponential in n. QS operates
over integers only ℤ x ℤ, whereas NFS operates over Number Field ℤ and Number Ring
ℤ[m], i.e., over ℤ x ℤ[m] where m is the root of polynomial f(x), NF is a finite field
extension of the field ℚℚℚℚ, and NR is a subring of NF. The end goal of the various phases
in the operation of NFS is to find congruent squares mod n to determine the non-trivial
factors (x + y) (x - y) from the greatest common divisors of (x + y, n) and (x - y, n).
An outline of the key steps in the operation of NFS is presented below followed by
discussion on each of the steps in its operation.
Main Steps in the Operation of the Number Field Sieve Algorithm Are Outlined Below
Since the concept of Algebraic Number Field and Number Ring are central to the NFS
algorithm, they are briefly reviewed below before the overall process of operation is
delineated. If r is a root of a nonzero polynomial equation such as: anxn + a(n-1)x (n-1) + ... +
a1x + a0 = 0 where ais are integers or equivalently, rational numbers and r satisfies no
similar equation of degree < n, then r is said to be an algebraic number of degree n.
What is an Algebraic Number Field?
A Subring of R is a subset of a ring that is itself a ring for which binary operations of
addition and multiplication on R are restricted to the subset and which contains the
multiplicative identity of R. A Ring is an Abelian Group with a second binary operation
that is associative and is distributive over the Abelian Group operation. Abelian Group,
also called a Commutative Group as it adds Commutativity axiom to Group's four other
axioms, is a group in which the result of applying the group operation to two group
elements does not depend on their order (the axiom of commutativity). Group is a set of
elements together with an operation that combines any two of its elements to form a
third element also in the set while satisfying four conditions called the group axioms,
namely closure, associativity, identity, and invertibility.
Polynomial Selection The objective of the Polynomial Selection step is to identify a large set of usable
polynomials, remove bad polynomials from set (also called a heuristics), conduct small
sieving experiments on remaining polynomials, and choose one with best yield. Yield
can be understood in terms of a function which provides a very good estimate for
removal of [algebraically] bad polynomials so that remaining polynomials can be put
through a small sieving test. The output of the process is polynomials with best yield.
The algebraic properties that are relevant in the process of finding the algebraically
optimal polynomials are summarized below.
Polynomial Selection Identifies a Large Set of Usable Polynomials
Finding Factor Bases Factor bases specify well-defined domains for optimal functioning of NFS algorithm.
The algebraic domains for selecting the most optimal smooth primes consistent with the
goals of achieving congruence of squares are defined three distinct factor and character
bases. These three are: rational factor base (RFB) of primes such as 2, 3, 5 up to an
empirically unknown bound (a + bm); algebraic factor base (AFB) of prime ideals in a
ring of algebraic integers, and quadratic character base (QCB) composed of a small set
of first degree prime ideals not in AFB. Relevant algebraic properties are listed below.
The Three Factor Bases: Rational Factor Base, Algebraic Factor Base, Quadratic Character Base
When enough pairs are found that are simultaneously smooth over rational and algebraic
factor bases, then hopefully squares in both Number Field ℤ and Number Ring ℤ[m],
i.e., over ℤ x ℤ[m] will be identified.
Sieving to Find Optimal Sets of Relations (a, b)
Sieving is the most critical part of the Number Field Sieve operations. Two sieves are
used: the Rational Sieve and the Algebraic Sieve corresponding to RFB and AFB
respectively. Two different methods of sieving are available depending upon the size of
primes being factored and depending upon available memory resources. Line Sieving needs less memory, is best for small to medium primes and sieves over all
(a, b) pairs, one b-value at a time, and for each prime (p, r), find all pairs divisible by it.
In contrast, Lattice Sieving which is best for large primes but needs more memory. It
works by fixing a medium sized prime (q, s) ϵ AFB, sieves over all (a, b) pairs subject to
⟨ a – b⍬ ⟩ | (q, s) and forms a lattice of vectors for such pairs. The output of the sieving
phase is a set of (a, b) pairs that are RFB and AFB smooth.
Sieving is the Most Crucial Part of the NFS Algorithm Operation
Solving Linear Equations Using a Matrix
RFB and AFB smooth (a, b) pairs filtered above are used in this step to find the subset of
pairs which yield squares i.e. contain elements with unique factors having even powers.
The sieving results are filtered by removing duplicates and relations containing prime
ideals not present in other relations. The relations are then put into relation-sets to
construct very large sparse matrix over Galois Field GF (2) (expressed by 2 = pm). The
matrix is then reduced resulting in some dependencies consisting of elements which
lead to a square modulo n.
As this step can result in a matrix with dimensions greater than 100 x 100, it may be
hard to represent in memory and thus may require a supercomputer for processing. The
matrix, an illustrative example of which is included below, consists of factorization over
RFB and AFB to minimize matrix size. So that, memory doesn’t pose a major constraint
to processing the matrix, its size is minimized by replacing odd powers with 1s and
even powers with 0s. The matrix is then reduced to reduced echelon form using either
Block Lanczos or Block Wiedemann techniques for optimal run time as Gaussian
Elimination which is the more known technique may not be optimal.
RFB Powers Are Shown Above and AFB Powers Are Shown Below in the Matrix
Calculating Square Roots in Number Fields
The computation of the matrix yields one or more products which are squares and can
yield trivial or non-trivial factors of the hard composite n. The rational square root and
algebraic square root need to be calculated and are of the following form.
Algebraic square root, x ϵ ℤ [m]: x2 =
Rational square root, y ϵ ℤ: y2 =
The element (x2, y2) just found yields a solution the congruence condition noted earlier:
Thus, square root (x, y) of the squares (x2, y2) ϵ ℤ x ℤ [α] now need to be computed. For
the rational field it is feasible given squares can be extracted in Z. Computation of the
above large number y2 can also be avoided as prime factorization of each element (a –
bm) in the product and thus the product itself has been done. For the algebraic number
field however, even though prime ideal factorization of above x2 can be determined it is
not useful as prime ideals may not have generators at all. If we can find a function that
satisfies: n = x2 – y2, we get factors of n: (x + y), (x – y). As noted earlier, (x + y) and (x
- y) represent the two prime factors of n, namely p and q and can be computed by
finding the greatest common divisors of (x + y, n) and (x - y, n).
Rational Square Roots and Algebraic Square Roots Used to Compute Factors
‘The Enemy Knows the System…’: Beyond RSA-1024
Having completed the technical discussion on NFS and growing vulnerability of
stronger RSA encryptions with the future of RSA-1024 and the world literally up in the
air (‘unknown’), one would realize that odds are no more in favor of cryptologist
encryption creator’s overconfidence by a factor of ~ 1015. Given known real world
observations at hand about encryption failure of stronger systems and the enormity of
stakes involved (probably in hundreds of billions of dollars as illustrated further)
particularly in current era of everything-WWW, a much more conservative stance
about cryptology’s faith in secret keys is not only desirable but crucial. Economies
and nations of the world literally can’t afford any complacency based upon similar
overestimation of ~ 1015 or even lesser in terms of overconfidence in encryption systems
and algorithms.
What if Poe’s foresight about human cryptologist’s ingenuity not being able to
outsmart human cryptanalyst’s (code breaker’s) ingenuity was not far from reality?
To develop a reality check about plausibility that ‘the enemy knows the system,’ i.e., the
gold standard of encryption RSA-1024 may already have been cracked in private, a
review of recent encryption cracking public media reports was done with illustrative
examples presented in Appendix: ‘When The Enemy Knows The System’.
[The author whose research and practice on limitations of Shannon’s information theory
go back 20-years is an active Certified Information Systems Security Professional (CISSP)
who monitors related reports on a regular basis. What is illustrated herein is a very
small sample from his research archive on this topic.]
A critical analysis of recent RSA and other strong encryption failures particularly over
the span of recent 2-3 years discovers evidence of most alarming and devastating
cyber-intrusion attacks in the history of worldwide adoption of WWW. Most critically,
recent issues such as the national cyber-directive by the US President [in words similar
to what is attributed to the author of this article in global interviews and published
research about ‘smart’ use of technologies by ‘smart’ people], US Secretary of Defense
and other US and other national executives seems unprecedented in the history of
cryptology and encryption schemes.
Furthermore, despite obvious reticence on the part of most hi-tech public companies,
recent highly public admissions of encryption failures of their global and national scale
systems by largest hi-tech companies such as Google and Facebook on both leading and
bleeding edge of cryptology applications seem telling in what they don’t really tell.
Most US defense contractors that service hundreds of billions of dollars US national
security contracts remain reticent about cyber-intrusion attacks even though Lockheed
Martin ‘admitted’ in May 2011 that it was the target of a "significant and tenacious"
cyber-attack. Its ‘admission’ and ‘non-admission’ of most of its competitors is
apparently more telling than what this one company actually said essentially to
ameliorate most concerns as such ‘public relations’ PR messages are expected to do.
Therefore, it may be concluded beyond reasonable doubt that the ‘system is already
broken’: Poe’s foresight about the state of encryption attacks was not far from reality.
Preparing for When the ‘Enemy Knows the System’
Even though the author of the Scientific American article ‘40 quadrillion years’ RSA
challenge column asserted that: “Poe was certainly wrong. Ciphers that are unbreakable
even in theory have been in use for half a century. They are "one-time pads," ciphers
that are used only once, for a single message. Here is a simple example based on a shift
cipher, sometimes called a Caesar cipher because Julius Caesar used it.” It remains a
fact that even though one-time pads have their place in small minuscule of encryption
applications, future of the national and global economies is not as sensitive to them
given billion-fold or perhaps greater penetration of RSA-type encryption schemes.
Most cryptologists and cryptanalysts would recognize that Poe’s insight was not far
from reality even in terms of Claude Shannon’s maxim or Kerckhoff’s Principle.
Kerckhoff’s Principle states that: ‘A cryptosystem should be secure even if the attacker
knows all details about the system, with the exception of the secret key.’ Shannon’s
maxim was even more explicit in avoiding the apparent hubris in cryptologist’s claim of
over-confidence in any encryption algorithms stating: "The enemy knows the system."
Hence Poe was only suggesting what Kerckhoff and Shannon stated 100 years later: all
three emphasized design of encryption systems based on the premise that human
ingenuity cannot concoct a cipher which human ingenuity cannot resolve.
Cryptology beyond Shannon’s Information Theory
What can be done in terms of future cryptology advancements about the discussed
challenge of creating encryption systems that are computationally infeasible to break?
Based upon my own 20-year research focused on information and communication as
well as information and communication systems, I outline a sketch of future extensions
to Shannon’s maxim and Kerckhoff’s Principle. I outline these extensions in the form of
adaptations of both as follows and call them Yogesh Malhotra’s principle of no secret keys.
"A cryptosystem should be secure even if the attacker knows all details about the system, with
the exception of including the secret key."
- Yogesh Malhotra’s reformulation of Kerckhoffs's principle, 2013
"The enemy knows the system, but you ‘know’ better."
- Yogesh Malhotra’s reformulation of Shannon’s maxim, 2013
The proposed extension is based on my communication of 1995 with Professor John
Holland, the computer scientists and psychologist inventor of genetic algorithms
(Malhotra 2001). Based on understanding Holland’s response to my query that
Shannon’s notion of information in information theory missed critical human aspects of
meaning, sense making, and knowing, my research has tried to fill that gap. Resulting
body of work has become widely accepted as a knowledge management framework that is
applied by top executives and commanders at global organizations such as NASA, US
AFRL, US Army, US Navy, and US Air Force. Above proposed principles of no secret keys
based on that framework aim to complement Shannon’s information theory originally
designed for controlling machines. Extensions are proposed in terms of my peer-reviewed
information systems research on the psychology of information, meaning, sense making,
and knowing noted among 'exemplars' of 'considerable impact on actual practice' in 2008
AACSB International Impact of Research Report. [While my name seemed to be the
only name noted as exemplar of contributions to Information Systems research, several
Finance and Economics Nobel laureates were mentioned as exemplars whose research
my works on quantitative modeling of risk and uncertainty is attempting to advance.]
I propose the above extensions to bridge the current gap between ‘information theoretic’
information processing and human sense making processes (Malhotra 2001). What having
and knowing mean in this human behavior framework can fundamentally advance
obsoleted notions such as information theory based two factor authentication by
fundamentally rethinking and reformulating very basic ideas such as: something that
you have and something that you know. The fundamental proposition is to extend prior
applications based on Shannon’s ‘information theory’ focused on static and
deterministic behavior of computing machines by integrating understanding about
dynamic and non-deterministic behaviors of human users of encryption systems.
The fundamental contrast between the two approaches is in terms of the treatment of
‘secret’. Shannon’s information theory [or, more specifically its encryption applications]
treat secret [or specifically related meaning resulting from interaction of senses and
symbols] as extrinsic to senses and embedded in exogenous symbols. In Shannon’s
frame, specific sense or meaning related to such exogenous symbols is also assumed to
be homogeneous and static across all humans and more or less also across time [as if
they were computing machines processing information rather than humans making
sense].
My information systems research focused on multiple streams of psychology, learning,
and knowing has determined that the secret [or specifically related meaning resulting
from interaction of senses and symbols] is not extrinsic to senses and not embedded in
exogenous symbols. Rather, in my frame of reference based on widely examined
empirically validated streams of information psychology research, the secret is intrinsic
to subjective senses. In my frame, specific sense or meaning related to such exogenous
symbols is also assumed to be non-homogeneous across users as well as non-static
across time.
Despite their sophistication in terms of psychological research, the proposed principles
and extensions are based on naturally intuitive experience of real world locks and keys
that most of us are already familiar with. However, it applies the lessons learned from
that physical world in terms of what not to do (what is certainly not your birth date as a
pass phrase) to the virtual world rather than what to do (what is your birth date as a
pass phrase) which is evident in current naïve systems of pass phrases and two-factor
authentication which are predictably prone to failures. Hence, it turns the ‘security
through obscurity’ cliché on its head by transforming it from a critical liability of
unexamined systems prone to failure to a critical asset where the secret is intrinsic to
user’s mind rather than the external symbol(s): where others see mess, the specific
human creator sees the intuitive structure that others can’t possibly decipher using any
possible algorithm – as meaning interpreted though subjective senses is detached from
symbols. Where the machine-focused information theoretic paradigm has failed in
trying to control human behavior as if they were deterministic machines, the proposed
paradigm can possibly leverage the non-determinism inherent in their human behavior
to create ground-breaking processing and encryption capabilities yet to be discovered.
References
Briggs, Matthew E. An Introduction to the General Number Field Sieve. Master of
Science in Mathematics Thesis. Virginia Polytechnic Institute and State University. April
17, 1998.
Crandall, R.E. and Pomerance, C. Prime Numbers: A Computational Perspective (2001).
2nd edition, Springer. ISBN 0-387-25282-7. Section 6.2: Number field sieve, pp. 278–301.
Cowie, J.; Dodson, B.; Elkenbracht-Huizing, R. M.; Lenstra, A. K.; Montgomery, P. L.;
Zayer, J. A. "World Wide Number Field Sieve Factoring Record: On to 512 Bits." In
Advances in Cryptology--ASIACRYPT '96 (Kyongju) (Ed. K. Kim and T. Matsumoto.)
New York: Springer-Verlag, pp. 382-394, 1996.
Jensen, Per Leslie.Integer Factorization. Master Thesis. Department of Computer
Science. University of Copenhagen. Fall 2005.
Lenstra, A. K. and Lenstra, H. W. Jr. "Algorithms in Number Theory." In Handbook of
Theoretical Computer Science, Volume A: Algorithms and Complexity (Ed. J. van
Leeuwen). New York: Elsevier, pp. 673-715, 1990.
Lenstra, A. K. and Lenstra, H. W. Jr. The Development of the Number Field Sieve.
Berlin: Springer-Verlag, 1993.
Lenstra, A. K., Lenstra, H. W. Jr., Manasse M.S., Pollard, The Number Field Sieve, The
Development of the Number Field Sieve, Springer Verlag, Berlin, Germany, 1993, pp.
11-42.
Lenstra, A. K. and Verheul, E. R. "Selecting Cryptographic Key Sizes." In Public Key
Cryptography. Third International Workshop on Practice and Theory in PublicKey
Cryptosystems, PKC 2000 (Ed. H. Imai and Y. Zheng). Berlin: Springer-Verlag, 446-465,
2000.
Malhotra, Y. Expert Systems for Knowledge Management: Crossing The Chasm
Between Information Processing and Sense Making. Journal of Expert Systems with
Applications 20 (2001). 7-16.
Montgomery, Peter L. Square roots of products of algebraic numbers, Mathematics of
Computation. 1943-1993 (W. Gautschi, ed.), Proc. Sympos. Appl. Math., vol. 48, 1994,
pp. 567-571.
Peterson, Michael. Summary of the Number Field Sieve. University Honors Thesis in
Mathematics and Statistics. Texas Tech University. December, 2004.
Pollard, J. M. Factoring with Cubic Integers, The Development of the Number Field
Sieve, Springer Verlag, Berlin, Germany, 1993, pp. 4-10.
Pomerance, C. "A Tale of Two Sieves." Not. Amer. Math. Soc. 43, 1473-1485, 1996.
APPENDIX: ‘WHEN THE ENEMY KNOWS THE SYSTEM’