> The authors hint in a footnote that at the heart of their computation is an asymptotically fast algorithm, allowing them to bring the running time of the computation down to nearly linear; but the actual description of the algorithm is kept a secret from the reader
How could something like that pass peer review? Their claim is effectively unable to be reproduced.
If I'm reading the numbers right, even using the slow way you'd expect to break on the order of tens of keys per day. Thus the claim that "two out of every one thousand RSA moduli [...] offer no security" is easily verified. The secret algorithm doesn't compute secret data that can't be verified.
A number of CS publications (or non-CS publications with custom software) don't include the source/enough exact parameters/... to reproduce their results.
How could something like that pass peer review? Their claim is effectively unable to be reproduced.