2013.09.19 00:06:07 (380452702276157440) from Daniel J. Bernstein, replying to "nikita borisov (@nikitab)" (380444123079000064):
Yes, you can always reduce the cost of the matrix below the cost of sieving. http://cr.yp.to/papers/nfscircuit.pdf @nikitab @sevenps @kragen @arstechnica
2013.09.18 19:53:00 (380389002588594176) from "nikita borisov (@nikitab)", replying to "You and 52 others (@bahstgwamt)" (380388495224631296):
@kragen @arstechnica botnet wouldn't have enough RAM for the computation, but the NSA, yes, possibly.
2013.09.18 22:37:57 (380430513166503937) from Daniel J. Bernstein, replying to "nikita borisov (@nikitab)" (380389002588594176):
Conficker had well over 2^50 bytes of RAM. Even a badly optimized RSA-1024 NFS attack doesn't need that much. @nikitab @kragen @arstechnica
2013.09.18 22:40:10 (380431072606965760) from "Samuel Neves (@sevenps)":
@hashbreaker @nikitab @kragen @arstechnica How would the matrix step work? Communication costs are huge
2013.09.18 23:32:01 (380444123079000064) from "nikita borisov (@nikitab)", replying to "Samuel Neves (@sevenps)" (380431072606965760):
@sevenps @hashbreaker @kragen @arstechnica right, I meant enough RAM collocated with fast comm links. Is there a way around that?