A simple and fast probabilistic algorithm for computing square roots modulo a prime number
IEEE Transactions on Information Theory
A key-exchange system based on imaginary quadratic fields
Journal of Cryptology
Quadratic fields and cryptography
Number theory and cryptography
A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves
Mathematics of Computation
Randomized algorithms
Algebraic aspects of cryptography
Algebraic aspects of cryptography
Breaking generalized Diffie-Hellman modulo a composite is no easier than factoring
Information Processing Letters
Rounding in lattices and its cryptographic applications
SODA '97 Proceedings of the eighth annual ACM-SIAM symposium on Discrete algorithms
Real and imaginary quadratic representations of hyperelliptic function fields
Mathematics of Computation
Designs, Codes and Cryptography - Special issue on towards a quarter-century of public key cryptography
Elliptic curves in cryptography
Elliptic curves in cryptography
The Relationship Between Breaking the Diffie--Hellman Protocol and Computing Discrete Logarithms
SIAM Journal on Computing
Cryptography in Quadratic Function Fields
Designs, Codes and Cryptography
A sieve algorithm for the shortest lattice vector problem
STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
Elliptic Curve Public Key Cryptosystems
Elliptic Curve Public Key Cryptosystems
On the Distribution of Diffie--Hellman Triples with Sparse Exponents
SIAM Journal on Discrete Mathematics
Security of most significant bits of gx2
Information Processing Letters
Linear Complexity of the Discrete Logarithm
Designs, Codes and Cryptography
The Generalized Weil Pairing and the Discrete Logarithm Problem on Elliptic Curves
LATIN '02 Proceedings of the 5th Latin American Symposium on Theoretical Informatics
Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Algorithms
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
An algorithm for solving the discrete log problem on hyperelliptic curves
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems
IEEE Transactions on Information Theory
On the Distribution of the Diffie-Hellman Pairs
Finite Fields and Their Applications
Hi-index | 0.00 |
The discrete logarithm problem plays a central role in cryptographic protocols and computational number theory. To establish the exact complexity, not only of the discrete logarithm problem but also of its relatives, the Diffie--Hellman (DH) problem and the decision DH problem, is of some importance. These problems can be set in a variety of groups, and in some of these they can assume different characteristics. This work considers the bit complexity of the DH and the decision DH problems. It was previously shown by Boneh and Venkatesan that it is as hard to compute O(√n) of the most significant bits of the DH function, as it is to compute the whole function, implying that if the DH function is difficult then so is computing this number of bits of it. The main result of this paper is to show that if the decision DH problem is hard then computing the two most significant bits of the DH function is hard. To place the result in perspective a brief overview of relevant recent advances on related problems is given.