Solving Discrete Logarithms from Partial Knowledge of the Key
نویسندگان
چکیده
For elliptic curve based cryptosystems, the discrete logarithm problem must be hard to solve. But even when this is true from a mathematical point of view, side-channel attacks could be used to reveal information about the key if proper countermeasures are not used. In this paper, we study the difficulty of the discrete logarithm problem when partial information about the key is revealed by side channel attacks. We provide algorithms to solve the discrete logarithm problem for generic groups with partial knowledge of the key which are considerably better than using a square-root attack on the whole key or doing an exhaustive search using the extra information, under two different scenarios. In the first scenario, we assume that a sequence of contiguous bits of the key is revealed. In the second scenario, we assume that partial information on the “Square and Multiply Chain” is revealed.
منابع مشابه
Partial Eigenvalue Assignment in Discrete-time Descriptor Systems via Derivative State Feedback
A method for solving the descriptor discrete-time linear system is focused. For easily, it is converted to a standard discrete-time linear system by the definition of a derivative state feedback. Then partial eigenvalue assignment is used for obtaining state feedback and solving the standard system. In partial eigenvalue assignment, just a part of the open loop spectrum of the standard linear s...
متن کاملOn the computation of discrete logarithms in finite prime fields
In this thesis we write about practical experience when solving congruences of the form a ≡ b mod p, a, b, p, x ∈ ZZ, p prime. This is referred to as the discrete logarithm problem in (ZZ/pZZ)∗. Many cryptographic protocols such as signature schemes, message encryption, key exchange and identification depend on the difficulty of this problem. We are concerned with the practicability of differen...
متن کاملFinite difference method for solving partial integro-differential equations
In this paper, we have introduced a new method for solving a class of the partial integro-differential equation with the singular kernel by using the finite difference method. First, we employing an algorithm for solving the problem based on the Crank-Nicholson scheme with given conditions. Furthermore, we discrete the singular integral for solving of the problem. Also, the numerical results ob...
متن کاملComputing Discrete Logarithms with the General Number Field Sieve
The diiculty in solving the discrete logarithm problem is of extreme cryptographic importance since it is widely used in signature schemes, message encryption, key exchange, authentication and so on ((15], 17], 21], 29] etc.). The General Number Field Sieve (GNFS) is the asymptotically fastest known method to compute discrete logs mod p 18]. With the rst implementation of the GNFS for discrete ...
متن کاملProof Systems for General Statements about Discrete Logarithms
Proof systems for knowledge of discrete logarithms are an important primitive in cryptography. We identify the basic underlying techniques, generalize these techniques to prove linear relations among discrete logarithms, and propose a notation for describing complex and general statements about knowledge of discrete logarithms. This notation leads directly to a method for constructing eecient p...
متن کامل