Loading ...
Sorry, an error occurred while loading the content.

RSA Factors, First Digits

Expand Messages
  • miltbrown@earthlink.net
    Having verified the first digits of 576 and 640, I am posting the first digits of the factors of the remaining RSA Numbers RSA 704 804457 920341 RSA 768 305380
    Message 1 of 5 , Apr 10, 2009
    • 0 Attachment
      Having verified the first digits of 576 and 640,
      I am posting the first digits of the factors
      of the remaining RSA Numbers

      RSA 704
      804457
      920341

      RSA 768
      305380
      402838

      RSA 896
      494414
      833357

      RSA 1024
      110530
      122198

      RSA 1536
      114276
      161687

      RSA 2048
      131123
      192154

      Milton L. Brown
      miltbrown@...
    • Jens Kruse Andersen
      ... I hoped not to see more about these claims on this list after http://tech.groups.yahoo.com/group/primenumbers/message/14328 Your calculation of the first
      Message 2 of 5 , Apr 15, 2009
      • 0 Attachment
        Milton L. Brown wrote:
        > Having verified the first digits of 576 and 640,
        > I am posting the first digits of the factors
        > of the remaining RSA Numbers

        I hoped not to see more about these claims on this list after
        http://tech.groups.yahoo.com/group/primenumbers/message/14328

        Your "calculation" of the first digits of the factors of RSA-576
        was made after the factors had been published.
        In http://tech.groups.yahoo.com/group/primenumbers/message/14277
        you wrote:
        > I calculate that the first
        > digits of the factors of RSA 640 are
        > 6 0 8 1 1
        > and
        > 5 1 0 9 8

        How did that verification go?
        RSA-640 = 163473... * 190087... was published in 2005:
        http://www.crypto-world.com/announcements/rsa640.txt

        After having seen the real factors, I guess you made a new "calculation"
        and then "verified" that it matched those factors.
        Calculating factors you don't already know tends to be a little harder.

        > RSA 704
        > 804457
        > 920341

        RSA-704 was generated to have two 352-bit factors. In that case their
        first digits must be in the interval 458699 to 917399 and you fail.

        > RSA 768
        > 305380
        > 402838

        384-bit factors have first digits in 197010 to 394020. Failure.

        > RSA 896
        > 494414
        > 833357

        363419 to 726838. Failure.

        > RSA 1024
        > 110530
        > 122198

        670390 to 134078. This one is actually not impossible.

        > RSA 1536
        > 114276
        > 161687

        776259 to 155251. Failure.

        > RSA 2048
        > 131123
        > 192154

        898846 to 179769. Failure.

        --
        Jens Kruse Andersen
      • Phil Carmody
        ... As the mod who approved that post, it provided me with an only momentary problem. As per Ken s post to which you refer unless it contains an answer to the
        Message 3 of 5 , Apr 16, 2009
        • 0 Attachment
          --- On Wed, 4/15/09, Jens Kruse Andersen <jens.k.a@...> wrote:
          > Milton L. Brown wrote:
          > > Having verified the first digits of 576 and 640,
          > > I am posting the first digits of the factors
          > > of the remaining RSA Numbers
          >
          > I hoped not to see more about these claims on this list after
          > http://tech.groups.yahoo.com/group/primenumbers/message/14328
          >
          > Your "calculation" of the first digits of the factors of
          > RSA-576
          > was made after the factors had been published.
          > In http://tech.groups.yahoo.com/group/primenumbers/message/14277

          As the mod who approved that post, it provided me with an only momentary problem. As per Ken's post to which you refer
          "unless it contains an answer to the challenge he has been issued"
          Milton's post _did_ contain such answers. It's now approaching science, as it can be falsified.

          > you wrote:
          > > I calculate that the first
          > > digits of the factors of RSA 640 are
          > > 6 0 8 1 1
          > > and
          > > 5 1 0 9 8
          >
          > How did that verification go?
          > RSA-640 = 163473... * 190087... was published in 2005:
          > http://www.crypto-world.com/announcements/rsa640.txt
          >
          > After having seen the real factors, I guess you made a new
          > "calculation"
          > and then "verified" that it matched those factors.
          > Calculating factors you don't already know tends to be a
          > little harder.
          >
          > > RSA 704
          > > 804457
          > > 920341
          >
          > RSA-704 was generated to have two 352-bit factors. In that
          > case their
          > first digits must be in the interval 458699 to 917399 and
          > you fail.
          >
          > > RSA 768
          > > 305380
          > > 402838
          >
          > 384-bit factors have first digits in 197010 to 394020.
          > Failure.
          >
          > > RSA 896
          > > 494414
          > > 833357
          >
          > 363419 to 726838. Failure.
          >
          > > RSA 1024
          > > 110530
          > > 122198
          >
          > 670390 to 134078. This one is actually not impossible.
          >
          > > RSA 1536
          > > 114276
          > > 161687
          >
          > 776259 to 155251. Failure.
          >
          > > RSA 2048
          > > 131123
          > > 192154
          >
          > 898846 to 179769. Failure.

          I'm curious why the ranges you've quoted (no doubt one end of which is correct, but I've not checked, probably the upper bound) are in ratio 1:2. Surely for correct (FIPS-stylee) RSA, the ratios would be 1:sqrt(2)? Of course, for the individual test numbers, the ranges could be shrunk even more. (Maybe this would push 1024 into the failure zone too?)

          Not that it matters - it was put to the test, and it failed completely.

          I consider the subject *now* completely closed. Thanks for having 5 well-sharpened stakes to hand!

          Phil
        • Paul Leyland
          ... Note that sieving for RSA-768 has now finished. With luck, we should know the leading digits (indeed, all of them) of the prime factors within a few
          Message 4 of 5 , Apr 16, 2009
          • 0 Attachment
            On Thu, 2009-04-16 at 07:21 +0000, Phil Carmody wrote:

            > As the mod who approved that post, it provided me with an only
            > momentary problem. As per Ken's post to which you refer
            > "unless it contains an answer to the challenge he has been issued"
            > Milton's post _did_ contain such answers. It's now approaching
            > science, as it can be falsified.

            Note that sieving for RSA-768 has now finished. With luck, we should
            know the leading digits (indeed, all of them) of the prime factors
            within a few months.


            Paul
          • Phil Carmody
            ... pon seeing Milton s post I thought of hammering a post or mail off to Bob S. or sci.crypt (irrespectively, probably) to enquire who, presuming someone,
            Message 5 of 5 , Apr 16, 2009
            • 0 Attachment
              --- On Thu, 4/16/09, Paul Leyland <paul@...> wrote:
              > Phil Carmody wrote:
              > > As the mod who approved that post, it provided me with an only
              > > momentary problem. As per Ken's post to which you refer
              > > "unless it contains an answer to the challenge he has been issued"
              > > Milton's post _did_ contain such answers. It's now approaching
              > > science, as it can be falsified.
              >
              > Note that sieving for RSA-768 has now finished. With luck, we should
              > know the leading digits (indeed, all of them) of the prime factors
              > within a few months.

              'pon seeing Milton's post I thought of hammering a post or mail off to Bob S. or sci.crypt (irrespectively, probably) to enquire who, presuming someone, was attacking such a task. However, I've not had the time this last week to even contemplate actually following through with that.

              Thanks for volunteering the information, and good luck finding some roots in your field. (Dare I say "That'll be a turnip for the books"? Nah, I probably shouldn't.) Do let us know each digit as you discover it, won't you?

              Phil
            Your message has been successfully submitted and would be delivered to recipients shortly.