Individual discrete logarithm with sublattice reduction
نویسندگان
چکیده
The Number Field Sieve and its numerous variants is the best algorithm to compute discrete logarithms in medium large characteristic finite fields. When extension degree n composite p of size, Tower variant (TNFS) asymptotically most efficient one. Our work deals with last main step, namely individual logarithm that computes a smooth decomposition given target T field thanks two distinct phases: an initial splitting descent tree. In this article, we improve on current state-of-the-art Guillevic’s dedicated step for n. While still exploiting proper subfields field, modify lattice reduction subroutine creates lift number T. returns lifted elements lower degrees coefficients, resulting norms field. are not only much likely be because they have smaller norms, but it permits set smoothness bound Asymptotically, our faster works larger area fields than algorithm, being now relevant even when such $$L_{p^n}(1/3) \le p< L_{p^n}(1/2)$$ . practice, conduct experiments 500-bit 2048-bit fields: method becomes more as largest non trivial divisor grows, thus particularly adapted degrees.
منابع مشابه
Fusion Discrete Logarithm Problems
The Discrete Logarithm Problem is well-known among cryptographers, for its computational hardness that grants security to some of the most commonly used cryptosystems these days. Still, many of these are limited to a small number of candidate algebraic structures which permit implementing the algorithms. In order to extend the applicability of discrete-logarithm-based cryptosystems to a much ri...
متن کاملDiscrete logarithm in GF(2) with FFS
We give details on solving the discrete logarithm problem in the 202-bit prime order subgroup of F2809 using the Function Field Sieve algorithm (FFS). To our knowledge, this computation is the largest discrete logarithm computation so far in a binary field extension of prime degree. The Function Field Sieve is the traditional approach for solving these problems, and has been used in previous re...
متن کاملThe Discrete-Logarithm Problem with Preprocessing
This paper studies discrete-log algorithms that use preprocessing. In our model, an adversary may use a very large amount of precomputation to produce an “advice” string about a specific group (e.g., NIST P-256). In a subsequent online phase, the adversary’s task is to use the preprocessed advice to quickly compute discrete logarithms in the group. Motivated by surprising recent preprocessing a...
متن کاملBirthday attack to discrete logarithm
The discrete logarithm in a finite group of large order has been widely applied in public key cryptosystem. In this paper, we will present a probabilistic algorithm for discrete logarithm.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Designs, Codes and Cryptography
سال: 2023
ISSN: ['0925-1022', '1573-7586']
DOI: https://doi.org/10.1007/s10623-023-01282-w