In 1989, Koblitz proposed using the jacobian of a hyperelliptic curve defined over a finite field to implement discrete logarithm cryptographic protocols. This paper provides an overview of algorithms for performing the group law (which are necessary for the efficient implementation of the protocols), and algorithms for solving the hyperelliptic curve discrete logarithm problem (whose intractab...

In their foundational paper on pseudorandom bit generation, Blum and Micali showed that the discrete logarithm problem could be solved efficiently given a “magic box” oracle that computes the most significant bit of the discrete logarithm with a slight advantage over guessing. This magic box can be realized on a quantum computer with a new, simplified variant of Shor’s algorithm. The resulting ...

k = k1 + k2p+ . . .+ krp , 0 ≤ k1, k2, . . . , kr < p , for 0 ≤ k ≤ q − 1. Let γ be a primitive element of Fq. The discrete logarithm (or index) of a nonzero element ξ ∈ Fq to the base γ, denoted indγ(ξ), is the unique integer l with 0 ≤ l ≤ q − 2 such that ξ = γ. The discrete logarithm problem is to find a computationally feasible method for determining the discrete logarithm. The security of ...

The discrete logarithm has similar algebraic properties as for logarithm in reals. Namely, logg(hh ′) = logg(h) + logg(h ′). The discrete logarithm problem is also randomly self-reducible. This means that there are no “difficult” problems. If there would be an element h in the group for which the logarithm is hard to solve, then it is possible to take 1 ≤ x ≤ q, where q is the order of the grou...

We announce ultrametric analogues of the results of Kleinbock-Margulis for shrinking target properties of semisimple group actions on symmetric spaces. The main applications are S-arithmetic Diophantine approximation results and logarithm laws for buildings, generalizing the work of Hersonsky-Paulin on trees.

McGill University Let X1 , X2, • . . be a sequence of independent uniformly distributed random variables on [0, 1] and Kn be the kth largest spacing induced by X 1 , X12 . We show that P(Kn < (log n log3n log 2)/n i .o .) = 1 where log, is the j times iterated logarithm. This settles a question left open in Devroye (1981) . Thus, we have lim inf(nKn log n + log3n) _ -log 2 almost surely, and li...

The discrete logarithm in a finite group of large order has been widely applied in public key cryptosystem. In this paper, we will present a probabilistic algorithm for discrete logarithm.

Discrete exponentiation in a finite field is a direct analog of ordinary exponentiation. The exponent can only be an integer, say n, but for w in a field F , w is defined except when w = 0 and n ≤ 0, and satisfies the usual properties, in particular w = ww and (for u and v in F ) (uv) = uv. The discrete logarithm is the inverse function, in analogy with the ordinary logarithm for real numbers. ...

This note contains a Chover-type Law of the k -Iterated Logarithm for weighted sums of strong mixing sequences of random variables with a distribution in the domain of a stable law. We show that the upper part of the LIL is similar to other studies in the literature; conversely, the lower half is substantially different. In particular, we show that, due to the failure of the classical version o...

The origin of pairing based cryptosystems is in the MOV attack [10] on the elliptic curve discrete logarithm problem. The attack was first envisioned by Gerhard Frey. The idea was to use the bilinear properties of the Weil pairing to reduce a discrete logarithm problem in an elliptic curve over a finite field Fq to a discrete logarithm problem in Fqk . It is known [1] that most of the time for ...