Section: New Results

The Number Field Sieve – High-Level Results

A New Ranking Function for Polynomial Selection in the Number Field Sieve

Participant : Paul Zimmermann.

With Nicolas David (ÉNS Paris-Saclay, France), we designed a new ranking function for polynomial selection in the Number Field Sieve. The previous ranking function was only considering the mean of the so-called $\alpha$-value, which measures how small primes divide the norm of the polynomial. The new function also takes into account the variance of the corresponding distribution. This partially explains why the previous function did sometimes fail to correctly identify the best polynomials. The new ranking function is implemented in Cado-NFS (branch dist-alpha ) and is detailed in [3].

On the Alpha Value of Polynomials in the Tower Number Field Sieve Algorithm

Participant : Aurore Guillevic.

With Shashank Singh from IISER Bhopal (former post-doc at CARAMBA in 2017), we generalized the ranking function $\alpha$ for the Tower setting of the Number Field Sieve in [22]. In the relation collection of the NFS algorithm, one tests the smoothness of algebraic norms (computed with resultants). The $\alpha$ function measures the bias of the average valuation at small primes of algebraic norms, compared to the average valuation at random integers of the same size. A negative $\alpha$ means more small divisors than average. We then estimate the total number of relations with a Monte-Carlo simulation, as a generalized Murphy's $E$ function, and finally give a rough estimate of the total cost of TNFS for finite fields ${𝔽}_{p^k}$ of popular pairing-friendly curves.

Faster Individual Discrete Logarithms in Finite Fields of Composite Extension Degree

Participant : Aurore Guillevic.

We improved the previous work [30] on speeding-up the first phase of the individual discrete logarithm computation, the initial splitting, a.k.a. the smoothing phase. We extended the algorithm to any non-prime finite field ${𝔽}_{p^n}$ where $n$ is composite. We also applied it to the new variant Tower-NFS. The paper was finally published in 2019 [4].