The current core of the aproximation algorithm works with pairs of elliptic curves, based on values of n, where n equals
[4,9] [49, 64], [256, 289], [8464..]
the pair 256, 289 for example correspond to the number of elements of the finite group defined by the elliptic curve y^2 = x^3 + x + 1 (mod prime(n)) (256, 289)
given the following python code..
for some value of i, such that (_d42/((int(((ceil(a1/(d4a/_d42))(d4a/_d42))_d42)/d4a))-(1+d(1/2))(1-((d(1/4))-(d(1/9))+(d(1/49)i)-(d(1/64)d(1/i))+(d(1/256)d(i))-(d(1/289)d(1/i))+(d(1/d(922))d(i)))))) ~= d4, where d4a/d4 = a = p
where in standard notions our public key would be n=pq, n being a semiprime, p and q being prime (this a simplification naturally, and leaves out discussion of the modulus).
and where the value being aproximated is
abs((_d42/((int(((ceil(a1/(d4a/_d42))(d4a/_d42))_d42)/d4a))-(1+d(1/2))(1-((d(1/4))-(d(1/9))+(d(1/49)i)-(d(1/64)d(1/i))+(d(1/256)d(i))-(d(1/289)d(1/i))+(d(1/d(92*2))d(i))))))-d4)
Some of the values remain unexplained for now, but the gist to understand whats going on is there.
Testing across a few million random semiprimes from a mere 32 bits, all the way up to 4096 bits found that the i value needed
to closely approximate d4, and thus find p and q is never greater than 75 in all tested cases (and this is a relatively tight upperbound) based on the mean and variance of all semiprimes tested.
Finding p is equivalent to factoring, and thus breaking a public key.
This core method gets us to within 3% of any given key value.
Further elements of the algorithm get us to within 0.1 to 0.0001 of a key, indicating there is significant room for improvement.
It is now possible to get both the magnitude, and first 4-5 leading digits of a public key's factors, as well as the first 2-4 digits at the smallest integer magnitudes of a key's factors, without exhaustive search.
Ongoing research and current progress rates suggest the evolution of the work should yield advancements in the algorithm over the next six months that allow us to retrieve upwards of half the digits of a key's factors regardless of length, with eventual complete factoring in logarithmic time.
That is all for now.
prototype 0 points 9 months ago
Thanks. I'm not a popsci explainer by default, so it can be a slog to read shit like this. If I stopped to better explain it'd amount to a tutorial on the math and it'd be pages long.
The current estimator is good enough that state militiaries could save on their budgets implementing it when they bruteforce foreign nation's encryption. Why search p||q when you can bruteforce (p||q)*0.03?
And more intense estimates get you the magnitude and upwards of 8 leading digits, but thats with 2.1 trillion operations on average. Still, thats a far cry from bruteforcing a 2048 bit key. Anyone doing any sort of decryption work would take that in a heart beat over the standard approach. A couple trillion trial-and-error iterations to get an estimate of a public key's factors to within 0.0000000001%?
Thats a decision even a fungi could make.