Integral Minimisation Improvement for Murphy’s Polynomial Selection Algorithm

We consider Murphy’s polynomial selection algorithm for the general number field sieve. One of the steps in this algorithm consists of finding a minimum of an integral. However, the size of the polynomial coefficients causes the classical steepest descent algorithm to be ineffective. This article brings an idea how to improve the steepest descent algorithm so that it converges better and faster. Most of today’s security applications are based on our inability to quickly factorise integers. The fastest known algorithm for splitting a large integer into the product of primes is the Number Field Sieve [3], [6]. In this algorithm, we work in a number field K = Q[x]/f , where f ∈ Z[x] is an irreducible polynomial that has a root modulo the factorised number. It is a difficult task to find such a polynomial f . More precisely said, there are infinitely many such polynomials but it is difficult to find good ones; one of the features of a good polynomial is to have small coefficients. Not much was known about looking for such good polynomials since Brian Murphy presented a method for polynomial selection in his thesis [5]. Although there now exist newer methods [2], this one is still widely used. A way how to achieve small coefficients of the sought polynomial is to define a multivariate function based on a definite integral over the polynomial and to find the minimum. Unfortunately, there was given no hint how to find it.