A new baby-step giant-step algorithm and some applications to cryptanalysis

Authors:
Jean Sébastien Coron;David Lefranc;Guillaume Poupard
Affiliations:
Université du Luxembourg, Luxembourg;France Télécom, Caen, France;DCSSI Crypto Lab, Paris 07 SP, France
Venue:
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Year:
2005

Citing 10
Cited 8

How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
A course in computational algebraic number theory

A course in computational algebraic number theory
Discrete Logarithms: The Past and the Future

Designs, Codes and Cryptography - Special issue on towards a quarter-century of public key cryptography
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Efficient Identification and Signatures for Smart Cards

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Some baby-step giant-step algorithms for the low hamming weight discrete logarithm problem

Mathematics of Computation
Self-certified public keys

EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Practical threshold signatures

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
An improved fast signature scheme without online multiplication

FC'02 Proceedings of the 6th international conference on Financial cryptography

Analysis of Low Hamming Weight Products

Discrete Applied Mathematics
The Carry Leakage on the Randomized Exponent Countermeasure

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
A parameterized splitting system and its application to the discrete logarithm problem with low hamming weight product exponents

PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Parameterized splitting systems for the discrete logarithm

IEEE Transactions on Information Theory
Elliptic curves cryptosystems for ecommerce applications

MCBE'10/MCBC'10 Proceedings of the 11th WSEAS international conference on mathematics and computers in business and economics and 11th WSEAS international conference on Biology and chemistry
Hard instances of the constrained discrete logarithm problem

ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
A practical and tightly secure signature scheme without hash function

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Public key cryptography and RFID tags

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology

Quantified Score

Hi-index	0.06

Visualization

Abstract

We describe a new variant of the well known Baby-Step Giant-Step algorithm in the case of some discrete logarithms with a special structure. More precisely, we focus on discrete logarithms equal to products in groups of unknown order. As an example of application, we show that this new algorithm enables to cryptanalyse a variant of the GPS scheme proposed by Girault and Lefranc at CHES 2004 conference in which the private key is equal to the product of two sub-private keys of low Hamming weight. We also describe a second attack based on a known variant of the Baby-Step Giant-Step algorithm using the low Hamming weight of the sub-private keys.