Emmanuel Thomé
French Institute for Research in Computer Science and Automation
Publication
Featured research published by Emmanuel Thomé.
International Cryptology Conference | 2010
Thorsten Kleinjung; Kazumaro Aoki; Jens Franke; Arjen K. Lenstra; Emmanuel Thomé; Joppe W. Bos; Pierrick Gaudry; Alexander Kruppa; Peter L. Montgomery; Dag Arne Osvik; Herman J. J. te Riele; Andrey V. Timofeev; Paul Zimmermann
This paper reports on the factorization of the 768-bit number RSA-768 by the number field sieve factoring method and discusses some implications for RSA.
Mathematics of Computation | 2007
Pierrick Gaudry; Emmanuel Thomé; Nicolas Thériault; Claus Diem
In this article, we examine how the index calculus approach for computing discrete logarithms in small genus hyperelliptic curves can be improved by introducing a double large prime variation. Two algorithms are presented. The first algorithm is a rather natural adaptation of the double large prime variation to the intended context. On heuristic and experimental grounds, it seems to perform quite well but lacks a complete and precise analysis. Our second algorithm is a considerably simplified variant, which can be analyzed easily. The resulting complexity improves on the fastest known algorithms. Computer experiments show that for hyperelliptic curves of genus three, our first algorithm surpasses Pollard's Rho method even for rather small field sizes.
Algorithmic Number Theory Symposium | 2008
Richard P. Brent; Pierrick Gaudry; Emmanuel Thomé; Paul Zimmermann
In this paper, we discuss an implementation of various algorithms for multiplying polynomials in GF(2)[x]: variants of the window methods, Karatsuba's, Toom-Cook's, Schönhage's and Cantor's algorithms. For most of them, we propose improvements that lead to practical speedups.
Public Key Cryptography | 2014
Razvan Barbulescu; Cyril Bouvier; Jérémie Detrey; Pierrick Gaudry; Hamza Jeljeli; Emmanuel Thomé; Marion Videau; Paul Zimmermann
The year 2013 has seen several major complexity advances for the discrete logarithm problem in multiplicative groups of small-characteristic finite fields. These outmatch, asymptotically, the Function Field Sieve (FFS) approach, which was so far the most efficient algorithm known for this task. Yet, on the practical side, it is not clear whether the new algorithms are uniformly better than FFS. This article presents the state of the art with regard to the FFS algorithm, and reports data from a record-sized discrete logarithm computation in a prime-degree extension field.
International Conference on the Theory and Application of Cryptology and Information Security | 2007
Antoine Joux; David Naccache; Emmanuel Thomé
We show that computing e-th roots modulo n is easier than factoring n with currently known methods, given subexponential access to an oracle outputting the roots of numbers of the form $x_i + c$. Here c is fixed and $x_i$ denotes small integers of the attacker's choosing. The attack comes in two flavors: - A first version is illustrated here by producing selective roots of the form $x_i + c$ in $L_n(1/3, \sqrt[3]{32/9})$. This matches the special number field sieve's (SNFS) complexity. - A second variant computes arbitrary e-th roots in $L_n(1/3, \gamma)$ after a subexponential number of oracle queries. The constant $\gamma$ depends on the type of oracle used. This addresses in particular the One More RSA Inversion problem, where the e-th root oracle is not restricted to numbers of a special form. The aforementioned constant $\gamma$ is then $\sqrt[3]{32/9}$. Constraining the oracle to roots of the form $\sqrt[e]{x_i + c} \bmod n$ increases $\gamma$. Both methods are faster than factoring n using the GNFS ($L_n(1/3, \sqrt[3]{64/9})$). This sheds additional light on RSA's malleability in general and on RSA's resistance to affine forgeries in particular - a problem known to be polynomial for $x_i > \sqrt[3]{n}$, but for which no algorithm faster than factoring was known before this work.
Cluster Computing | 2012
Thorsten Kleinjung; Joppe W. Bos; Arjen K. Lenstra; Dag Arne Osvik; Kazumaro Aoki; Scott Contini; Jens Franke; Emmanuel Thomé; Pascal Jermini; Michela Thiémard; Paul Leyland; Peter L. Montgomery; Andrey V. Timofeev; Heinz Stockinger
In December 2009 the 768-bit, 232-digit number RSA-768 was factored using the number field sieve. Overall, the computational challenge would take more than 1700 years on a single, standard core. In the article we present the heterogeneous computing approach, involving different compute clusters and Grid computing environments, used to solve this problem.
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding | 2009
Antoine Joux; Reynald Lercier; David Naccache; Emmanuel Thomé
This paper extends Joux-Naccache-Thomé's e-th root algorithm to the static Diffie-Hellman problem (SDHP). The new algorithm can be adapted to diverse finite fields by customizing it with an NFS-like core or an FFS-like core. In both cases, after a number of non-adaptive SDHP oracle queries, the attacker builds up the ability to solve new SDHP instances unknown before the query phase. While sub-exponential, the algorithm is still significantly faster than all currently known DLP and SDHP resolution methods. We explore the applicability of the technique to various cryptosystems. The attacks were implemented in ${\mathbb F}_{2^{1025}}$ and also in ${\mathbb F}_{p}$
Mathematics of Computation | 2015
Shi Bai; Richard P. Brent; Emmanuel Thomé
Experimental Mathematics | 2014
Andreas Enge; Emmanuel Thomé
Theory and Application of Cryptographic Techniques | 2017
Joshua Fried; Pierrick Gaudry; Nadia Heninger; Emmanuel Thomé