Oracle-Assisted Static Diffie-Hellman Is Easier Than Discrete Logarithms

Authors:
Antoine Joux;Reynald Lercier;David Naccache;Emmanuel Thomé
Affiliations:
DGA and Université de Versailles, UVSQ PRISM, Versailles CEDEX, France F-78035;DGA/CELAR, La Roche Marguerite, F-35174 Bruz, France and, IRMAR, Université de Rennes 1, Rennes, France F-35042;École normale supérieure, Équipe de cryptographie, Paris CEDEX 05, France F-75230;LORIA, CACAO --- bâtiment A, INRIA Lorraine, Villiers-lès-Nancy CEDEX, France F-54602
Venue:
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Year:
2009

Citing 10
Cited 2

Solving sparse linear equations over finite fields

IEEE Transactions on Information Theory
A public key cryptosystem and a signature scheme based on discrete logarithms

Proceedings of CRYPTO 84 on Advances in cryptology
Undeniable signatures

CRYPTO '89 Proceedings on Advances in cryptology
Server-Assisted Generation of a Strong Secret from a Password

WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
An Analytic Approach to Smooth Polynominals over Finite Fields

ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Improvements to the general number field sieve for discrete logarithms in prime fields: a comparison with the Gaussian integer method

Mathematics of Computation
Virtual logarithms

Journal of Algorithms
When e-th roots become easier than factoring

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
The number field sieve in the medium prime case

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
The function field sieve in the medium prime case

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

Solving a 676-bit discrete logarithm problem in GF(36n)

PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
The norwegian internet voting protocol

VoteID'11 Proceedings of the Third international conference on E-Voting and Identity

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper extends Joux-Naccache-Thomé's e -th root algorithm to the static Diffie-Hellman problem (sdhp ). The new algorithm can be adapted to diverse finite fields by customizing it with an nfs -like core or an ffs -like core. In both cases, after a number of non-adaptive sdhp oracle queries, the attacker builds-up the ability to solve new sdhp instances unknown before the query phase . While sub-exponential, the algorithm is still significantly faster than all currently known dlp and sdhp resolution methods. We explore the applicability of the technique to various cryptosystems.The attacks were implemented in ${\mathbb F}_{2^{1025}}$ and also in ${\mathbb F}_{p}$, for a 516-bit p .