[oelmekki]

I read once that prime numbers were a key element element on cryptography (because it's easy to multiply two prime numbers, but difficult to say if a number is a multiple of two prime numbers, if I remember correctly). Will this discovery have negative impact on it?

[throwawaymath]

No it won't. This result is related to the problems of proving properties about the prime numbers (such as gaps) and of determining whether or not a given number is prime. It has nothing to do with the computational intractability of factoring large numbers.

RSA utilizes an extremely large semiprime (the product of two very large prime numbers) to generate a public/private key pair. This result does not meaningfully change anything related to the computational work required to factor semiprime numbers that have over 600 digits.

[nl]

No.

It's the non-factorability of primes that is important.

[gonzo]

> It’s the non-factorability of primes that is important.

Primes by definition have two, and only two factors.

The difficulty of factoring a number which is the product of two large primes is the important bit.

[toxik]

I think the usual abstract algebra definition is one factor: itself. 1 is not considered a factor so that prime factorizations are unique, otherwise you could tack on an infinity of ones.

Also Möbius becomes strange with infty factors.

[ginnungagap]

The abstract algebra definition is that p is a prime if whenever p divides a product ab then p divides at least one of a and b.

Having no proper factors is the definition of an irreducible element.

The two definitions agree for the integers and nice algebraic structure (UFDs) but there are algebraic structures in which they are not the same which explains why there are two differenr definitions and names in abstract algebra

[rubyn00bie]

Pardon my extreme ignorance of the subject, but could you elaborate on why your statement is mutually exclusive of the OP? Not at all combative, just a sincerely interested layman :)

[monocasa]

It doesn't matter to the algorithm that we know if it's a product of two primes. Anyone attacking an RSA private key knows that it is.

The only unknown is which two primes.

[netsec_burn]

Which are easier to generate with a prime formula..

[Timmah]

Define "easier" in this context. If you have an algorithm whose complexity increases exponentially with the key length, saying you made a 10% gain doesn't mean squat.

[nl]

And it's wrong already. We already know all primes uses in encryption (just download a prime-number list).

[nl]

This is wrong. We have lists of all primes used in crypto already. Just knowing them all doesn’t make attacks quicker.

[netsec_burn]

Yes. If we can quickly generate large primes in a sequence then we can find the products easier.

[throwawaymath]

You should read the paper authors' paper directly; a preprint version if available on arXiv.[1]

The authors don't provide a complexity analysis of their algorithm; in lieu of attempting to derive that analysis myself, I'm deeply skeptical that their algorithm can find arbitrarily large prime numbers in sub-exponential time; let alone the polynomial time needed for breaking classical public-key cryptography. The absence of such a complexity analysis is conspicuous because such an analysis would be groundbreaking.

However, I don't need to lean on the conspicuous absence of a proof of polynomial time complexity for their algorithm because their algorithm has explicit limitations. It's an approximation method (albeit with high accuracy) that can only find primes located in dyadic intervals having many Braggs peaks and a relatively small left endpoint. In the paper they represent this interval with (M, M + L); in general a dyadic interval is an interval of the form (k/2n, k+1/2n) which may be either open or closed.

In other words the algorithm has costly limitations, no proof of polynomial time complexity and the authors don't even study its behavior for a left endpoint greater than 10^6. RSA semiprime numbers have 600 digits - this result isn't even in the same galaxy. Considering the explicit limitations in the authors' paper and the lack of interesting analysis indicating otherwise, it's likely that the problem of finding a suitable dyadic interval containing a large semiprime number's factors will just reduce to the problem of finding its factors anyway.

For what it's worth, this is all distinct from a more conceptual problem that undermines any use this result could have for cryptanalysis. Take a look at the prime counting function.[2] Per the prime counting function, there are approximately 2.53274 × 10^305 primes and 2.27654 × 10^613 primes less than 2^1024 and 2^2048, respectively. It's physically impossible to construct a lookup table consisting of all products of all pairs of primes in either set because there isn't enough matter in the universe to contain the information. But even if there was, you would never feasibly pick out the correct semiprime number corresponding to a given RSA private key by doing lookups in this way.

_______________________________________

1. https://arxiv.org/pdf/1802.10498.pdf

2. https://en.wikipedia.org/wiki/Prime-counting_function

[nl]

That’s not really true. We don’t find new primes to make cryptography safe.

We already have very large lists of primes. It’s choosing which primes are used that is the expensive part of attacking crypto.

Additionally the OP simplified how cryptography works too much in saying you just need to find the products to decrypt.