In this paper, we present several baby-step giant-step algorithms for the low Hamming weight discrete logarithm problem. In this version of the discrete log problem, we are required to find a discrete logarithm in a finite group of order approximately $2^m$, given that the unknown logarithm has a specified number of 1's, say $t$, in its binary representation. Heiman and Odlyzko presented the first algorithms for this problem. Unpublished improvements by Coppersmith include a deterministic algorithm with complexity $O\left(m \binom{m/2}{t/2}\right)$, and a Las Vegas algorithm with complexity $O\left(\sqrt{t} \binom{m/2}{t/2}\right)$.

We perform an average-case analysis of Coppersmith's deterministic algorithm. The average-case complexity achieves only a constant factor speed-up over the worst-case. Therefore, we present a generalized version of Coppersmith's algorithm, utilizing a combinatorial set system that we call a splitting system. Using probabilistic methods, we prove a new existence result for these systems that yields a (nonuniform) deterministic algorithm with complexity $O\left(t^{3/2} (\log m) \binom{m/2}{t/2}\right)$. We also present some explicit constructions for splitting systems that make use of perfect hash families.