Advertisement

The solution of McCurley's discrete log challenge

  • Damian Weber
  • Thomas Denny
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)

Abstract

We provide the secret Diffie-Hellman-Key which is requested by Kevin McCurley's challenge of 1989. The DH-protocol in question has been carried out in (ℤ/pℤ) where p is a 129-digit prime of special form. Our method employed the Number Field Sieve. The linear algebra computation was done by the Lanczos algorithm.

Keywords

Discrete Logarithms Number Field Sieve Index Calculus Lanczos 

References

  1. 1.
    I. Biehl and J. Buchmann and Th. Papanikolaou. LiDIA — a library for computational number theory. Technical report, Universität des Saarlandes/Germany, 1995. http://www.informatik.th-darmstadt.de/TI/LiDIAGoogle Scholar
  2. 2.
    Th. F, Denny. Lösen grosser dünnbesetzter Gleichungssysteme über endlichen Primkörpern. PhD thesis, Universität des Saarlandes/Germany, 1997.Google Scholar
  3. 3.
    W. Diffie and M. Hellman. New directions in cryptography. IEEE Trans. Information Theory 22, pages pp. 472–492, 1976.MathSciNetCrossRefGoogle Scholar
  4. 4.
    T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Information Theory, 31:469–472, 1985.MATHMathSciNetCrossRefGoogle Scholar
  5. 5.
    D. Gordon. Discrete logarithms in GF(p) using the number field sieve. SIAM J. Discrete Math., 6:124–138, 1993.MATHMathSciNetCrossRefGoogle Scholar
  6. 6.
    D. E. Knuth and L. Trabb Pardo. Analysis of a simple factorization algorithm. Theoretical Computer Science, 3:321–348, 1976.MathSciNetCrossRefGoogle Scholar
  7. 7.
    M. LaMacchia and A. Odlyzko. Solving large sparse linear systems over finite fields. In Advances in Cryptology — Crypto '90, number 537 in Lecture Notes in Computer Science, pages 109–133, 1990.Google Scholar
  8. 8.
    M. LaMacchia and A. Odlyzko. Computation of discrete logarithms in prime fields. Designs, Codes and Cryptography, 1:46–62, 1991.MathSciNetCrossRefGoogle Scholar
  9. 9.
    A. K. Lenstra, H. W. Lenstra, Jr. (eds.). The development of the number field sieve. Number 1554 in Lecture Notes in Mathematics. Springer, 1993.Google Scholar
  10. 10.
    H. W. Lenstra, Jr. Factoring integers with elliptic curves. Ann. of Math., 126:649–673, 1987.MATHMathSciNetCrossRefGoogle Scholar
  11. 11.
    K. S. McCurley. The discrete logarithm problem. In Cryptology and Computational Number Theory, number 42 in Proc. Symp. in Applied Mathematics, pages 49–74. American Mathematical Society, 1990.Google Scholar
  12. 12.
    P. L. Montgomery. Modular multiplication without trial division. Math. Comp., 44:519–521, 1985.MATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    V. Müller and Th. F. Denny. On the reduction of composed relations from the number field sieve. In H. Cohen, editor, Algorithmic Number Theory — ANTS II, number 1122 in Lecture Notes in Computer Science, 1996.Google Scholar
  14. 14.
    National Bureau of Standards. Digital signature standard, 1994. FIPS Publication 186.Google Scholar
  15. 15.
    J. M. Pollard. The lattice sieve. Number 1554 in Lecture Notes in Mathematics. Springer, 1993.Google Scholar
  16. 16.
    C. Pomerance and S. S. Wagstaff. Implementation of the continued fraction integer factoring algorithm. In Proc.12th Manitoba Conf., Winnipeg/Manitoba 1982, Congr. Numerantium, volume 37 of Numerical mathematics and computing, pages 99–118, 1983.MATHMathSciNetGoogle Scholar
  17. 17.
    O. Schirokauer. Discrete logarithms and local units. Phil. Trans. R. Soc. Lond. A 345, pages 409–423, 1993.MATHMathSciNetGoogle Scholar
  18. 18.
    O. Schirokauer, D. Weber, and Th. F. Denny. Discrete logarithms: the effectiveness of the index calculus method. In H. Cohen, editor, Algorithmic Number Theory — ANTS II, number 1122 in Lecture Notes in Computer Science, 1996.Google Scholar
  19. 19.
    D. Shanks. Solved and unsolved problems in number theory (3rd ed.). Chelsea Publishing Company, 1985.Google Scholar
  20. 20.
    D. Weber. Computing discrete logarithms with quadratic number rings. In Eurocrypt'98, Lecture Notes in Computer Science, 1998. To appear.Google Scholar
  21. 21.
    D. Weber. Computing discrete logarithms with the number field sieve. In H. Cohen, editor, Algorithmic Number Theory — ANTS II, number 1122 in Lecture Notes in Computer Science, 1996.Google Scholar
  22. 22.
    D. Weber. On the computation of discrete logarithms in finite prime fields. PhD thesis, Universität des Saarlandes/Germany, 1997.Google Scholar
  23. 23.
    D. Weber. An implementation of the number field sieve to compute discrete logarithms mod p. Advances in Cryptology — Eurocrypt'95. number 921 in Lecture Notes in Computer Science, 1995.Google Scholar
  24. 24.
    J. Zayer. Faktorisieren mit dem Number Field Sieve. PhD thesis, Universität des Saarlandes/Germany, 1995.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Damian Weber
    • 1
  • Thomas Denny
    • 2
  1. 1.Institut für Techno- und WirtschaftsmathematikKaiserslautern
  2. 2.Debis IT Security ServicesBonn

Personalised recommendations