Abstract
The difficulty of computing discrete logarithms in fields \(\mathbb{F}_{q^k}\) depends on the relative sizes of k and q. Until recently all the cases had a sub-exponential complexity of type L(1/3), similar to the factorization problem. In 2013, Joux designed a new algorithm with a complexity of L(1/4 + ε) in small characteristic. In the same spirit, we propose in this article another heuristic algorithm that provides a quasi-polynomial complexity when q is of size at most comparable with k. By quasi-polynomial, we mean a runtime of n O(logn) where n is the bit-size of the input. For larger values of q that stay below the limit \(L_{q^k}(1/3)\), our algorithm loses its quasi-polynomial nature, but still surpasses the Function Field Sieve. Complexity results in this article rely on heuristics which have been checked experimentally.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Adj, G., et al.: Weakness of \(\mathbb{F}_{3^{6 \cdot 509}}\) for discrete logarithm cryptography. In: Cao, Z., Zhang, F. (eds.) Pairing 2013. LNCS, vol. 8365, pp. 20–44. Springer, Heidelberg (2014)
Adleman, L.: A subexponential algorithm for the discrete logarithm problem with applications to cryptography. In: 20th Annual Symposium on Foundations of Computer Science, pp. 55–60. IEEE (1979)
Adleman, L.: The function field sieve. In: Huang, M.-D.A., Adleman, L.M. (eds.) ANTS 1994. LNCS, vol. 877, pp. 108–121. Springer, Heidelberg (1994)
Blake, I.F., Fuji-Hara, R., Mullin, R.C., Vanstone, S.A.: Computing logarithms in finite fields of characteristic two. SIAM J. Alg. Disc. Meth. 5(2), 276–285 (1984)
Cheng, Q., Wan, D., Zhuang, J.: Traps to the BGJT-algorithm for discrete logarithms. Cryptology ePrint Archive, Report 2013/673 (2013), http://eprint.iacr.org/2013/673/
Coppersmith, D.: Fast evaluation of logarithms in fields of characteristic two. IEEE Transactions on Information Theory 30(4), 587–594 (1984)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
Göloglu, F., Granger, R., McGuire, G., Zumbrägel, J.: Discrete logarithm in GF(21971) (February 2013), Announcement to the NMBRTHRY list
Göloglu, F., Granger, R., McGuire, G., Zumbrägel, J.: Discrete logarithm in GF(26120) (April 2013), Announcement to the NMBRTHRY list
Göloğlu, F., Granger, R., McGuire, G., Zumbrägel, J.: On the Function Field Sieve and the Impact of Higher Splitting Probabilities. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 109–128. Springer, Heidelberg (2013)
Gordon, D.M.: Discrete logarithms in GF(p) using the number field sieve. SIAM Journal on Discrete Mathematics 6(1), 124–138 (1993)
Joux, A.: Discrete logarithm in GF(21778) (February 2013), Announcement to the NMBRTHRY list
Joux, A.: Discrete logarithm in GF(24080) (March 2013), Announcement to the NMBRTHRY list
Joux, A.: Discrete logarithm in GF(26168) (May 2013), Announcement to the NMBRTHRY list
Joux, A.: Faster index calculus for the medium prime case application to 1175-bit and 1425-bit finite fields. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 177–193. Springer, Heidelberg (2013)
Joux, A.: A new index calculus algorithm with complexity L(1/4 + o(1)) in very small characteristic. Cryptology ePrint Archive, Report 2013/095 (2013)
Joux, A., Lercier, R.: The function field sieve in the medium prime case. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 254–270. Springer, Heidelberg (2006)
Joux, A., Lercier, R., Smart, N., Vercauteren, F.: The number field sieve in the medium prime case. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 326–344. Springer, Heidelberg (2006)
Panario, D., Gourdon, X., Flajolet, P.: An analytic approach to smooth polynomials over finite fields. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 226–236. Springer, Heidelberg (1998)
Pohlig, S., Hellman, M.: An improved algorithm for computing logarithms over GF(p) and its cryptographic signifiance. IEEE Transactions on Information Theory 24(1), 106–110 (1978)
Stinson, D.R.: Combinatorial designs: constructions and analysis. Springer (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 International Association for Cryptologic Research
About this paper
Cite this paper
Barbulescu, R., Gaudry, P., Joux, A., Thomé, E. (2014). A Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic. In: Nguyen, P.Q., Oswald, E. (eds) Advances in Cryptology – EUROCRYPT 2014. EUROCRYPT 2014. Lecture Notes in Computer Science, vol 8441. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55220-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-55220-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55219-9
Online ISBN: 978-3-642-55220-5
eBook Packages: Computer ScienceComputer Science (R0)