This paper improves the price-performance ratio of ECM, the elliptic-curve method of integer factorization. In particular, this paper constructs "a¿=¿-¿1" twisted Edwards curves having Q-torsion group Z/2 x Z/4, Z/8, or Z/6 and having a known non-torsion point; demonstrates that, compared to the curves used in previous ECM implementations, some of the new curves are more effective at finding small primes despite being faster; and precomputes particularly effective curves for several specific sizes of primes.
Keywords: Factorization - ECM - elliptic-curve method - curve selection - Edwards coordinates - twisted Edwards curves - Suyama curves.
|Title of host publication||Progress in Cryptology - LATINCRYPT 2010 (First International Conference on Cryptology and Information Security in Latin America, Puebla, Mexico, August 8-11, 2010. Proceedings)|
|Editors||M. Abdalla, P.S.L.M. Barretto|
|Place of Publication||Berlin|
|Publication status||Published - 2010|
|Name||Lecture Notes in Computer Science|