Reducing elliptic curve logarithms to logarithms in a finite field
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves
Mathematics of Computation
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
How Easy is Collision Search. New Results and Applications to DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Speeding Up Pollard's Rho Method for Computing Discrete Logarithms
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
A One Round Protocol for Tripartite Diffie-Hellman
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Efficient Implementation of Pairing-Based Cryptosystems
Journal of Cryptology
Elliptic Curves Suitable for Pairing Based Cryptography
Designs, Codes and Cryptography
Generating More MNT Elliptic Curves
Designs, Codes and Cryptography
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Constructing pairing-friendly elliptic curves with embedding degree 10
ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
Hierarchical identity based encryption with constant size ciphertext
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Security analysis of the strong diffie-hellman problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Practical identity-based encryption without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Efficient blind and partially blind signatures without random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Pairing-Friendly elliptic curves of prime order
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
An improved algorithm for computing logarithms over and its cryptographic significance (Corresp.)
IEEE Transactions on Information Theory
Ordinary abelian varieties having small embedding degree
Finite Fields and Their Applications
Boneh-Boyen Signatures and the Strong Diffie-Hellman Problem
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Pairing-friendly elliptic curves with small security loss by Cheon's algorithm
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Solving DLP with auxiliary input over an elliptic curve used in TinyTate library
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Solving a DLP with auxiliary input with the ρ-algorithm
WISA'11 Proceedings of the 12th international conference on Information Security Applications
Solving a discrete logarithm problem with auxiliary input on a 160-bit elliptic curve
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
In EUROCRYPT 2006, Cheon proposed breakthrough algorithms for pairing-related problems such as the q-weak/strong Diffie-Hellman problem. Using that the exponents of an element in an abelian group G of prime order p form the ring Z/pZ structure even if G is a generic group, Cheon's algorithms reduce their complexity by Pohlig-Hellman like method over (Z/pZ)* or its extension. The algorithms are more efficient than solving the relative discrete logarithm problems in certain cases. This paper shows that Cheon's algorithms are faster than the result obtained by the complexity analysis in Cheon's paper, i.e. the algorithms can be done within O(√p/d +√d) group operations, where d is a positive divisor of p - 1 with d ≤ q or a positive divisor of p + 1 with 2d q, instead of O(log p(√p/d + √d)) group operations shown by Cheon. This paper also shows an improvement of one of the algorithms for q-weak Diffie-Hellman problem. The improvement can be done within O(ε√p/d) group operations, where ε = min(2/(1 - logp d), log p). Moreover, this paper discusses how to choose the group order so that the algorithms are inefficient and also shows a condition for the group order and the probability that an order satisfies the condition.