On Sat, 26 Apr 2003, Eric Cordian wrote:
How silly. Factoring is like the Poincare Conjecture. Solving it doesn't let us do anything new and exciting, and nothing else we care about has a reduction into it.
Fast factoring will be greeted by "oh, yes, of course", and the sound of mass yawning and moving on.
Fast factoring will be greeted (if it wasn't already) by a loud and top-secret cheer of all the No-Such-Agencies. We the People will be told much later. That Joe Sixpack will yawn and move on will only signify his lack of understanding of the problem.
In 10 years, "factor" will be a commodity microprocessor opcode.
Why? Solving it doesn't let us do anything new and exciting, and nothing else we care about has a reduction into it. And every opcode occupies some chip space, and chip space is (at least for now) too expensive for unimportant functions.
Is anyone even working on factoring any more? How long has it been since the last RSA Challenge number was factored? Seems like aeons.
That there is no published activity doesn't mean there is no activity.
Yes, I believe Joe Sixpack saying that he promises to keep my key safe to be on the same footing as Joe Sixdiploma saying that because he can't figure out how to factor 309 digit numbers quickly, it must not be possible.
So far it doesn't seem to be possible. If it is, then the method has such high strategic value that it is not used for less important operations, in order to not disclose its existence by indirect clues[1]. But for operations with such high stakes you should use one-time pads on one of the layers anyway.
All RSA is faith-based crypto.
What alternative do you suggest?

[1] If decrypted plaintexts start popping up from nowhere, being used in all kinds of prosecutions, it's strong evidence the encryption algorithm was compromised. However, the current trend with secret courts and secret evidence can make it less evident.