No, RSA Is Not Broken
I have been seeing this paper by cryptographer Peter Schnorr making the rounds: “Fast Factoring Integers by SVP Algorithms.” It describes a new factoring method, and its abstract ends with the provocative sentence: “This destroys the RSA cryptosystem.”
It does not. At best, it’s an improvement in factoring—and I’m not sure it’s even that. The paper is a preprint: it hasn’t been peer reviewed. Be careful taking its claims at face value.
Some discussion here.
I’ll append more analysis links to this post when I find them.
EDITED TO ADD (3/12): The latest version of the paper does not have the words “This destroys the RSA cryptosystem” in the abstract. Some more discussion.
Anonymous • March 5, 2021 11:48 AM
Be careful. There are indicators that the author did not upload the preprint and the latest version does not contain the mentioned sentence. It has also been part in this blog: https://blog.fefe.de/?ts=9ec00c82
In https://www.math.uni-frankfurt.de/~dmst/teaching/WS2019/SVP9.pdf it says “This proves polynomial time bound.”. The paper may still be wrong.