The Special Number Field Sieve in 𝔽pn - Application to Pairing-Friendly Constructions
نویسندگان
چکیده
In this paper, we study the discrete logarithm problem in finite fields related to pairing-based curves. We start with a precise analysis of the state-of-the-art algorithms for computing discrete logarithms that are suitable for finite fields related to pairing-friendly constructions. To improve upon these algorithms, we extend the Special Number Field Sieve to compute discrete logarithms in Fpn , where p has an adequate sparse representation. Our improved algorithm works for the whole range of applicability of the Number Field Sieve.
منابع مشابه
The Tower Number Field Sieve
The security of pairing-based crypto-systems relies on the difficulty to compute discrete logarithms in finite fields Fpn where n is a small integer larger than 1. The state-of-art algorithm is the number field sieve (NFS) together with its many variants. When p has a special form (SNFS), as in many pairings constructions, NFS has a faster variant due to Joux and Pierrot. We present a new NFS v...
متن کاملCollecting relations for the Number Field Sieve in GF(p6)
In order to assess the security of cryptosystems based on the discrete logarithm problem in non-prime finite fields, as are the torus-based or pairing-based ones, we investigate thoroughly the case in Fp6 with the Number Field Sieve. We provide new insights, improvements, and comparisons between different methods to select polynomials intended for a sieve in dimension 3 using a special-q strate...
متن کاملCollecting relations for the Number Field Sieve in GF ppq
In order to assess the security of cryptosystems based on the discrete logarithm problem in non-prime finite fields, as are the torus-based or pairing-based ones, we investigate thoroughly the case in Fp6 with the Number Field Sieve. We provide new insights, improvements, and comparisons between different methods to select polynomials intended for a sieve in dimension 3 using a special-q strate...
متن کاملExtended Tower Number Field Sieve: A New Complexity for Medium Prime Case
In this paper, we extend the tower number field sieve (TNFS) proposed by Barbulescu, Gaudry, and Kleinjung in Asaicrypt 2015. Our generalization based on the JLSV algorithm (by Joux, Lercier, Smart, and Vercautern, Crypto 2006) shows that one can solve the discrete logarithm over the field FQ := Fpn in time complexity, LQ(1/3, (64/9) ), for p = LQ(`p) with some `p > 1/3. This should be compared...
متن کاملA construction of 3-dimensional lattice sieve for number field sieve over F_{p^n}
The security of pairing-based cryptography is based on the hardness of solving the discrete logarithm problem (DLP) over extension field GF(p) of characteristic p and degree n. Joux et al. proposed an asymptotically fastest algorithm for solving DLP over GF(p) (JLSV06-NFS) as the extension of the number field sieve over prime field GF(p) (JL03-NFS). The lattice sieve is often used for a largesc...
متن کامل