CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
IFIP/Sec '93 Proceedings of the IFIP TC11, Ninth International Conference on Information Security: Computer Security
The GH Public-Key Cryptosystem
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Elliptic Curves: Number Theory and Cryptography
Elliptic Curves: Number Theory and Cryptography
Public-key cryptosystems based on cubic finite field extensions
IEEE Transactions on Information Theory
Hi-index | 7.29 |
The Discrete Log Problem (DLP), that is computing x, given y=@a^x and =G@?F"q^*, based Public Key Cryptosystem (PKC) have been studied since the late 1970's. Such development of PKC was possible because of the trapdoor function f:Z"@?-G=@?F"q^*, f(m)=@a^m is a group homomorphism. Due to this fact we have; Diffie Hellman (DH) type key exchange, ElGamal type message encryption, and Nyberg-Rueppel type digital signature protocols. The cryptosystems based on the trapdoor f(m)=@a^m are well understood and complete. However, there is another trapdoor function f:Z"@?-G, f(m)-Tr(@a^m), where G=@?F"q"^"k^*,k=2, which needs more attention from researchers from a cryptographic protocols point of view. In the above mentioned case, although f is computable, it is not clear how to produce protocols such as Diffie Hellman type key exchange, ElGamal type message encryption, and Nyberg-Rueppel type digital signature algorithm, in general. It would be better, of course if we can find a more efficient algorithm than repeated squaring and trace to compute f(m)=Tr(@a^m) together with these protocols. In the literature we see some works for a more efficient algorithm to compute f(m)=Tr(@a^m) and not wondering about the protocols. We also see some works dealing with an efficient algorithm to compute Tr(@a^m) as well as discussing the cryptographic protocols. In this review paper, we are going to discuss the state of art on the subject.