Results 1 
5 of
5
Discrete Logarithms in Finite Fields and Their Cryptographic Significance
, 1984
"... Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element u GF(q) is that integer k, 1 k q  1, for which u = g k . The wellknown problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its appl ..."
Abstract

Cited by 87 (6 self)
 Add to MetaCart
Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element u GF(q) is that integer k, 1 k q  1, for which u = g k . The wellknown problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its applicability in cryptography. Several cryptographic systems would become insecure if an efficient discrete logarithm algorithm were discovered. This paper surveys and analyzes known algorithms in this area, with special attention devoted to algorithms for the fields GF(2 n ). It appears that in order to be safe from attacks using these algorithms, the value of n for which GF(2 n ) is used in a cryptosystem has to be very large and carefully chosen. Due in large part to recent discoveries, discrete logarithms in fields GF(2 n ) are much easier to compute than in fields GF(p) with p prime. Hence the fields GF(2 n ) ought to be avoided in all cryptographic applications. On the other hand, ...
A Knapsack Type Public Key Cryptosystem Based On Arithmetic in Finite Fields
 IEEE Trans. Inform. Theory
, 1988
"... { A new knapsack type public key cryptosystem is introduced. The system is based on a novel application of arithmetic in nite elds, following a construction by Bose and Chowla. By appropriately choosing the parameters, one can control the density of the resulting knapsack, which is the ratio between ..."
Abstract

Cited by 35 (2 self)
 Add to MetaCart
{ A new knapsack type public key cryptosystem is introduced. The system is based on a novel application of arithmetic in nite elds, following a construction by Bose and Chowla. By appropriately choosing the parameters, one can control the density of the resulting knapsack, which is the ratio between the number of elements in the knapsack and their size in bits. In particular, the density can be made high enough to foil \low density" attacks against our system. At the moment, no attacks capable of \breaking" this system in a reasonable amount of time are known. Research supported by NSF grant MCS{8006938. Part of this research was done while the rst author was visiting Bell Laboratories, Murray Hill, NJ. A preliminary version of this work was presented in Crypto 84 and has appeared in [8]. 1 1.
Security of an IdentityBased Cryptosystem and the Related Reductions
 In Advances in Cryptology, Eurocrypt'98, LNCS 1403
, 1998
"... Abstract. Recently an efficient solution to the discrete logarithm problem on elliptic curves over F, with p points (p: prime), socalled anornalous curues, was independently discovered by Semaev [14], Smart [17], and Satoh and Araki [12]. Since the solution is very efficient, i.e., 0(lpl3), the S ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Abstract. Recently an efficient solution to the discrete logarithm problem on elliptic curves over F, with p points (p: prime), socalled anornalous curues, was independently discovered by Semaev [14], Smart [17], and Satoh and Araki [12]. Since the solution is very efficient, i.e., 0(lpl3), the SemaevSmartSatohAraki (SSSA) algorithm implies the possibility of realizing a trapdoor for the discrete logarithm problem, and we have tried to utilize the SSSA algorithm for constructing a cryptographic scheme. One of our trials was to realize an identitybased cryptosystem (keydistribution) which has been proven to be as secure as a primitive problem, called the DiffieHellman problem on an elliptic curve over Z/nZ (n = pq, p and q are primes) where Ep and E, are anomalous curves (anomalous EnDiffieHellman problem). Unfortunately we have found that the anomalous EnDiffieHellman problem is not secure (namely, our scheme is not secure). First, this paper introduces our trial of realizing an identitybased cryptosystem based on the SSSA algorithm, and then shows why the anomalous EnDiffieHellman problem is not secure. In addition, we generalize the observation of our breaking algorithm and present reductions of factoring n to computing the order ’ of an elliptic curve over Z/nZ. (These reductions roughly imply the equivalence of intractability between factoring and computing elliptic curve’s order.) The algorithm of breaking our identitybased cryptosystem is considered to be a special case of these reductions, and the essential reason why our system was broken can be clarified through these reductions: En in our system is a very specific curve such that the order of En (i.e., n) is trivially known.
Finite fields and cryptology
 COMPUTER SCIENCE JOURNAL OF MOLDOVA, VOL.11, NO.2(32)
, 2003
"... The problem of a computationally feasible method of finding the discrete logarithm in a (large) finite field is discussed, presenting the main algorithms in this direction. Some cryptographic schemes based on the discrete logarithm are presented. Finally, the theory of linear recurring sequences is ..."
Abstract
 Add to MetaCart
The problem of a computationally feasible method of finding the discrete logarithm in a (large) finite field is discussed, presenting the main algorithms in this direction. Some cryptographic schemes based on the discrete logarithm are presented. Finally, the theory of linear recurring sequences is outlined, in relation to its applications in cryptology.