Section: Software
TIFA
In late 2005, we hired J. Milan as ingénieur associé to help us develop and clean up our programs. He first spent some time surveying publicly available implementations of the IEEE P-1363 cryptography standards. Following this study, it did not appear worthwhile to develop our own framework when others were approaching maturity and were almost complete. He therefore switched to one of our other themes, namely writing integer factorization software for which the results can be guaranteed.
However, besides this quite daunting task, we have a more pragmatic, twofold interest in fast factorization implementations for small numbers.
- Our first motivation is directly related to the ANR CADO project [22] we are involved in, together with other teams such as the INRIA project-team CACAO. The objective of the CADO project is to produce an optimized and distributed implementation of the Number Field Sieve (NFS), asymptotically the fastest integer factorization algorithm currently known. This algorithm needs to factor a large number of much smaller integers (about 80 bits for current factorization records). Since a recursive application of the NFS would be totally inefficient in practice, there is a need for routines better suited to factoring this wealth of smaller by-products.
- Our second motivation lies in our long-term commitment to produce identity cards for elliptic curves, in order to select curves with the properties needed for cryptographic use. An identity card requires the knowledge of the factorization of the order of the curve (about 200 bits for cryptographic use).
Hence, J. Milan began the development of the so-called TIFA library (short for Tools for Integer FActorization) in 2006. TIFA is made up of a base library written in C99 using the GMP library, together with stand-alone factorization programs and a basic benchmarking framework to assess the performance of the relative algorithms.
TIFA has been continuously improved during the last few years. As of November 2009, TIFA includes the following algorithms:
- CFRAC (Continued FRACtion factorization [59])
- ECM (Elliptic Curve Method)
- Fermat (McKee's “fast” variant of Fermat's algorithm [57])
- SIQS (Self-Initializing Quadratic Sieve [27])
- SQUFOF (SQUare FOrm Factorization [47])
In early 2009, disappointing comparisons to other factorization tools (such as the ones provided by PARI/GP) prompted J. Milan to undertake a major rewrite of his SIQS implementation. Together with other optimizations throughout the code base, this effort led to dramatic improvements, making TIFA's SIQS more than twice as fast as PARI/GP's version. TIFA's SQUFOF and SIQS are now amongst the fastest available implementations. For tiny numbers (say between 100 and 160 bits), TIFA's SIQS may even be the fastest.
J. Milan still plans to maintain and improve the library, particularly its ECM implementation, which is now the only significant part of the software that is really behind the competition.
So far, TIFA has been kept internal to the TANC team and CADO project. Recently, we have received several requests from the community asking for access to this library. Consequently, we are in the process of making it public under an open source license (most probably the Lesser General Public License version 2.1 or higher). We plan to have it available before the end of the year, or at worst, in early 2010.