Generic algorithms for computing discrete logarithms

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

This chapter is devoted to the generic methods for computing discrete logarithms in commutative groups and group orders. There are also applications where, apart from the group order, we have additional knowledge on the logarithm logg(h), such as a certain amount of high or low order bits, or a probability distribution of the logarithm, or else the interval in which it lies is known beforehand. The last kind of information is exploited, for example, by the kangaroo methods (see Section 19.6): if we are interested in the order of an elliptic or hyperelliptic curve, this information by Hasse’s bound (see Section 5.2.3) is an interval centered on the cardinality of the underlying field. In general, such knowledge (especially information about certain bits) can be used to reduce the running time for solving the DLP, so the designer of a DL system must take it into account [NGSH 2003]. The adaptation of the methods described here to the context where one has that particular information is often quite straightforward.

Original languageEnglish
Title of host publicationHandbook of Elliptic and Hyperelliptic Curve Cryptography
PublisherCRC Press
Pages477-494
Number of pages18
ISBN (Electronic)9781420034981
ISBN (Print)1584885181, 9781584885184
StatePublished - 1 Jan 2005
Externally publishedYes

Bibliographical note

Publisher Copyright:
© 2006 Taylor & Francis Group, LLC.

ASJC Scopus subject areas

  • General Mathematics
  • General Computer Science

Fingerprint

Dive into the research topics of 'Generic algorithms for computing discrete logarithms'. Together they form a unique fingerprint.

Cite this