Skip to main content
Log in

Improving the Gaudry–Schost algorithm for multidimensional discrete logarithms

  • Published:
Designs, Codes and Cryptography Aims and scope Submit manuscript

Abstract

The discrete logarithm problem arises from various areas, including counting the number of points of certain curves and diverse cryptographic schemes. The Gaudry–Schost algorithm and its variants are state-of-the-art low-memory methods solving the multi-dimensional discrete logarithm problem through finding collisions between pseudorandom tame walks and wild walks. In this work, we explore the impact on the choice of tame and wild sets of the Gaudry–Schost algorithm, and give two variants with improved average case time complexity for the multidimensional case under certain heuristic assumptions. We explain why the second method is asymptotically optimal.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Bernstein D.J., Lange T.: Two grumpy giants and a baby. In: Howe E.W., Kedlaya K.S. (eds.) Proceedings of the Tenth Algorithmic Number Theory Symposium, pp. 87–111. Springer, New York (2013).

    Google Scholar 

  2. Brands S.: An efficient off-line electronic cash system based on the representation problem. CWI Technical Report CS-R9323 (1993).

  3. Cramer R., Shoup V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Annual International Cryptology Conference, pp. 13–25. Springer, New York (1998).

  4. Cramer R., Gennaro R., Schoenmakers B.: A secure and optimally efficient multi-authority election scheme. In: Fumy W. (ed.) Advances in Cryptology: EUROCRYPT, vol. 1233, pp. 103–118. Lecture Notes in Computer Science. Springer, New York (1997).

    Google Scholar 

  5. Diffie W., Hellman M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976).

    Article  MathSciNet  Google Scholar 

  6. ElGamal T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985).

    Article  MathSciNet  Google Scholar 

  7. Galbraith S., Ruprai R.S.: An improvement to the Gaudry–Schost algorithm for multidimensional discrete logarithm problems. In: IMA International Conference on Cryptography and Coding, pp. 368–382. Springer, New York (2009).

  8. Galbraith S.D., Ruprai R.S.: Using equivalence classes to accelerate solving the discrete logarithm problem in a short interval. In: International Workshop on Public Key Cryptography, pp. 368–383. Springer, New York (2010).

  9. Galbraith S.D.: Mathematics of Public Key Cryptography. Cambridge University Press, Cambridge (2012).

    Book  Google Scholar 

  10. Galbraith S.D., Holmes M.: A non-uniform birthday problem with applications to discrete logarithms. Discret. Appl. Math. 160(10–11), 1547–1560 (2012).

    Article  MathSciNet  Google Scholar 

  11. Galbraith S.D., Ruprai R.S.: Using equivalence classes to accelerate solving the discrete logarithm problem in a short interval. In: Nguyen P.Q., Pointcheval D. (eds.) Public Key Cryptography: PKC, vol. 6056, pp. 368–383. Lecture Notes in Computer Science. Springer, New York (2010).

    Google Scholar 

  12. Galbraith S., Pollard J., Ruprai R.: Computing discrete logarithms in an interval. Math. Comput. 82(282), 1181–1195 (2013).

    Article  MathSciNet  Google Scholar 

  13. Gallant R.P., Lambert R.J., Vanstone S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian J. (ed.) Advances in Cryptology: CRYPTO 2001, pp. 190–200. Springer, Berlin (2001).

    Chapter  Google Scholar 

  14. Gaudry P., Schost É.: A low-memory parallel version of matsuo, chao, and tsujii’s algorithm. In: International Algorithmic Number Theory Symposium, pp. 208–222. Springer, New York (2004).

  15. Gaudry P., Harley R.: Counting points on hyperelliptic curves over finite fields. In: Bosma W. (ed.) ANTS-IV, vol. 1838, pp. 313–332. Lecture Notes in Computer Science. Springer, New York (2000).

    Google Scholar 

  16. Johnson D., Menezes A., Vanstone S.: The elliptic curve digital signature algorithm (ecdsa). Int. J. Inf. Secur. 1(1), 36–63 (2001).

    Article  Google Scholar 

  17. Matsuo K., Chao J., Tsujii S.: An improved baby step giant step algorithm for point counting of hyperelliptic curves over finite fields. In: Fieker C., Kohel D.R. (eds.) ANTS-V, vol. 2369, pp. 461–474. Lecture Notes in Computer Science. Springer, New York (2002).

    Google Scholar 

  18. Nikolaev M.V.: On the complexity of two-dimensional discrete logarithm problem in a finite cyclic group with efficient automorphism. Math. Voprosy Kriptogr. 6(2), 45–57 (2015).

    Article  MathSciNet  Google Scholar 

  19. Nikolaev M.V.: Modified Gaudry Schost algorithm for the two-dimensional discrete logarithm problem. Math. Voprosy Kriptogr. 11(2), 125–135 (2020).

    Article  MathSciNet  Google Scholar 

  20. Pollard J.M.: Monte Carlo methods for index computation(mod p). Math. Comput. 32(143), 918–924 (1978).

    MathSciNet  MATH  Google Scholar 

  21. Ruprai R.: Improvements to the Gaudry–Schost Algorithm for Multidimensional Discrete Logarithm Problems and Applications. Ph.D. thesis, Royal Holloway University of London (2010).

  22. Schnorr C.P.: Efficient identification and signatures for smart cards. In: Conference on the Theory and Application of Cryptology, pp. 239–252. Springer, New York (1989).

  23. Selivanov B.I.: On waiting time in the scheme of random allocation of coloured particies. Discret. Math. Appl. 5(1), 73–82 (1995).

    Article  Google Scholar 

  24. Shanks D.: Class number, a theory of factorization, and genera. Proc. Symp. Math. Soc. 20, 41–440 (1971).

    MATH  Google Scholar 

  25. Van Oorschot P.C., Wiener M.J.: Parallel collision search with cryptanalytic applications. J. Cryptol. 12(1), 1–28 (1999).

    Article  MathSciNet  Google Scholar 

  26. Zhu Y., Zhuang J., Yi H., Lv C., Lin D.: A variant of the Galbraith–Ruprai algorithm for discrete logarithms with improved complexity. Des. Codes Cryptogr. 87(5), 971–986 (2019).

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgements

This work was partially supported by the National Key Research and Development Project (Grant No. 2018YFA0704702) and the Major Basic Research Project of Natural Science Foundation of Shandong Province, China (Grant No. ZR202010220025). The authors thank the editor and anonymous reviewers for very helpful suggestions which improved the paper.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Jincheng Zhuang.

Additional information

Communicated by S. D. Galbraith.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, H., Zhuang, J. Improving the Gaudry–Schost algorithm for multidimensional discrete logarithms. Des. Codes Cryptogr. 90, 107–119 (2022). https://doi.org/10.1007/s10623-021-00966-5

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10623-021-00966-5

Keywords

Mathematics Subject Classification

Navigation