Journal of Cryptology

, Volume 24, Issue 1, pp 24–41 | Cite as

An L(1/3) Discrete Logarithm Algorithm for Low Degree Curves

Article

Abstract

We present an algorithm for solving the discrete logarithm problem in Jacobians of families of plane curves whose degrees in X and Y are low with respect to their genera. The finite base fields \(\mathbb{F}_{q}\) are arbitrary, but their sizes should not grow too fast compared to the genus. For such families, the group structure and discrete logarithms can be computed in subexponential time of \(L_{q^{g}}(1/3,O(1))\). The runtime bounds rely on heuristics similar to the ones used in the number field sieve or the function field sieve.

Keywords

Algebraic curve Discrete logarithm Subexponentiality 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    L.M. Adleman, M.-D. Huang, Function field sieve methods for discrete logarithms over finite fields. Inf. Comput. 151(1), 5–16 (1999) MATHCrossRefMathSciNetGoogle Scholar
  2. [2]
    L.M. Adleman, J. DeMarrais, M.-D. Huang, A subexponential algorithm for discrete logarithms over the rational subgroup of the Jacobians of large genus hyperelliptic curves over finite fields, in ANTS-I, ed. by L. Adleman, M.-D. Huang. Lecture Notes in Comput. Sci., vol. 877 (Springer, Berlin, 1994), pp. 28–40 Google Scholar
  3. [3]
    R.L. Bender, C. Pomerance, Rigorous discrete logarithm computations in finite fields via smooth polynomials, in Computational Perspectives on Number Theory: Proceedings of a Conference in Honor of A.O.L. Atkin, ed. by D.A. Buell, J.T. Teitelbaum. Studies in Advanced Mathematics, vol. 7 (American Mathematical Society, Providence, 1998), pp. 221–232 Google Scholar
  4. [4]
    J.P. Buhler, A.K. Lenstra, J.M. Pollard, Factoring integers with the number field sieve, in The development of the number field sieve, ed. by A.K. Lenstra, H.W. Lenstra Jr. Lecture Notes in Math., vol. 1554 (Springer, Berlin, 1993), pp. 50–94 CrossRefGoogle Scholar
  5. [5]
    W. Castryck, H. Hubrechts, F. Vercauteren, Computing zeta functions in families of C ab curves using deformation, in ANTS-VIII, ed. by A. van der Poorten, A. Stein. Lecture Notes in Comput. Sci., vol. 5011 (Springer, Berlin, 2008), pp. 296–311 Google Scholar
  6. [6]
    D. Coppersmith, Fast evaluation of logarithms in fields of characteristic two. IEEE Trans. Inf. Theory IT–30(4), 587–594 (1984) CrossRefMathSciNetGoogle Scholar
  7. [7]
    J.-M. Couveignes, Algebraic groups and discrete logarithm, in Public-key Cryptography and Computational Number Theory (de Gruyter, Berlin, 2001), pp. 17–27 Google Scholar
  8. [8]
    C. Diem, An index calculus algorithm for non-singular plane curves of high genus (2006). Talk at ECC 2006 Workshop, slides available at http://www.cacr.math.uwaterloo.ca/conferences/2006/ecc2006/diem.pdf.
  9. [9]
    C. Diem, An index calculus algorithm for plane curves of small degree, in ANTS-VII, ed. by F. Heß, S. Pauli, M. Pohst. Lecture Notes in Comput. Sci., vol. 4076 (Springer, Berlin, 2006), pp. 543–557 Google Scholar
  10. [10]
    C. Diem, E. Thomé, Index calculus in class groups of non-hyperelliptic curves of genus three. J. Cryptol. 21, 593–611 (2008) MATHCrossRefGoogle Scholar
  11. [11]
    A. Enge, Computing discrete logarithms in high-genus hyperelliptic Jacobians in provably subexponential time. Math. Comput. 71, 729–742 (2002) MATHMathSciNetGoogle Scholar
  12. [12]
    A. Enge, Discrete logarithms in curves over finite fields, in Finite Fields and Applications, ed. by G.L. Mullen, D. Panario, I.E. Shparlinski. Contemporary Mathematics, vol. 461 (American Mathematical Society, Providence, 2008), pp. 119–139 Google Scholar
  13. [13]
    A. Enge, P. Gaudry, A general framework for subexponential discrete logarithm algorithms. Acta Arith. 102, 83–103 (2002) MATHCrossRefMathSciNetGoogle Scholar
  14. [14]
    A. Enge, P. Gaudry, An L(1/3+ε) algorithm for the discrete logarithm problem for low degree curves, in Advances in Cryptology—EUROCRYPT 2007, ed. by M. Naor. Lecture Notes in Comput. Sci., vol. 4515 (Springer, Berlin, 2007), pp. 379–393 CrossRefGoogle Scholar
  15. [15]
    A. Enge, A. Stein, Smooth ideals in hyperelliptic function fields. Math. Comput. 71, 1219–1230 (2002) MATHMathSciNetGoogle Scholar
  16. [16]
    P. Gaudry, E. Thomé, N. Thériault, C. Diem, A double large prime variation for small genus hyperelliptic index calculus. Math. Comput. 76, 475–492 (2007) MATHCrossRefGoogle Scholar
  17. [17]
    D.M. Gordon, Discrete logarithms in GF(p) using the number field sieve. SIAM J. Discrete Math. 6(1), 124–138 (1993) MATHCrossRefMathSciNetGoogle Scholar
  18. [18]
    F. Heß, Computing Riemann–Roch spaces in algebraic function fields and related topics. J. Symb. Comput. 33, 425–445 (2002) MATHCrossRefGoogle Scholar
  19. [19]
    F. Heß, Computing relations in divisor class groups of algebraic curves over finite fields. Preprint (2004) Google Scholar
  20. [20]
    A.G.B. Lauder, D. Wan, Counting points on varieties over finite fields of small characteristic, in Algorithmic Number Theory: Lattices, Number Fields, Curves and Cryptography, ed. by J.P. Buhler, P. Stevenhagen. Mathematical Sciences Research Institute Publications, vol. 44 (Cambridge University Press, Cambridge, 2008), pp. 579–612 Google Scholar
  21. [21]
    E. Manstavičius, Semigroup elements free of large prime factors, in New Trends in Probability and Statistic, ed. by F. Schweiger, E. Manstavičius (1992), pp. 135–153 Google Scholar
  22. [22]
    M. Minzlaff, Computing zeta functions of superelliptic curves in larger characteristic, in Proc. 1st International Conference on Symbolic Computation and Cryptography (SCC08) (2008) Google Scholar
  23. [23]
    S. Miura, Linear codes on affine algebraic curves. IEICE Transactions J81-A, 1398–1421 (1998). In Japanese. English summary by Ryutaroh Matsumoto available at http://www.rmatsumoto.org/cab.pdf Google Scholar
  24. [24]
    V. Müller, A. Stein, C. Thiel, Computing discrete logarithms in real quadratic congruence function fields of large genus. Math. Comput. 68(226), 807–822 (1999) MATHCrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Andreas Enge
    • 1
  • Pierrick Gaudry
    • 2
  • Emmanuel Thomé
    • 2
  1. 1.INRIA, CNRSUniversité de BordeauxTalenceFrance
  2. 2.INRIA, CNRSNancy UniversitéVillers-lès-NancyFrance

Personalised recommendations