Results 1 
8 of
8
Discrete Logarithms in Finite Fields and Their Cryptographic Significance
, 1984
"... Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element u GF(q) is that integer k, 1 k q  1, for which u = g k . The wellknown problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its appl ..."
Abstract

Cited by 87 (6 self)
 Add to MetaCart
Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element u GF(q) is that integer k, 1 k q  1, for which u = g k . The wellknown problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its applicability in cryptography. Several cryptographic systems would become insecure if an efficient discrete logarithm algorithm were discovered. This paper surveys and analyzes known algorithms in this area, with special attention devoted to algorithms for the fields GF(2 n ). It appears that in order to be safe from attacks using these algorithms, the value of n for which GF(2 n ) is used in a cryptosystem has to be very large and carefully chosen. Due in large part to recent discoveries, discrete logarithms in fields GF(2 n ) are much easier to compute than in fields GF(p) with p prime. Hence the fields GF(2 n ) ought to be avoided in all cryptographic applications. On the other hand, ...
The efficiency and security of a real quadratic field based key exchange protocol
 DE GRUYTER
, 2001
"... Most cryptographic key exchange protocols make use of the presumed difficulty of solving the discrete logarithm problem (DLP) in a certain finite group as the basis of their security. Recently, real quadratic number fields have been proposed for use in the development of such protocols. Breaking suc ..."
Abstract

Cited by 12 (4 self)
 Add to MetaCart
Most cryptographic key exchange protocols make use of the presumed difficulty of solving the discrete logarithm problem (DLP) in a certain finite group as the basis of their security. Recently, real quadratic number fields have been proposed for use in the development of such protocols. Breaking such schemes is known to be at least as difficult a problem as integer factorization; furthermore, these are the first discrete logarithm based systems to utilize a structure which is not a group, specifically the collection of reduced ideals which belong to the principal class of the number field. For this structure the DLP is essentially that of determining a generator of a given principal ideal. Unfortunately, there are a few implementationrelated disadvantages to these schemes, such as the need for high precision floating point arithmetic and an ambiguity problem that requires a short, second round of communication. In this paper we describe work that has led to the resolution of some of these difficulties. Furthermore, we discuss the security of the system, concentrating on the most recent techniques for solving the DLP in a real quadratic number field.
A Note on Cyclic Groups, Finite Fields, and the Discrete Logarithm Problem
 Applicable Algebra in Engineering, Communication and Computing
, 1992
"... We show how the discrete logarithm problem in some finite cyclic groups can easily be reduced to the discrete logarithm problem in a finite field. The cyclic groups that we consider are the set of points on a singular elliptic curve over a finite field, the set of points on a genus 0 curve over a fi ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
We show how the discrete logarithm problem in some finite cyclic groups can easily be reduced to the discrete logarithm problem in a finite field. The cyclic groups that we consider are the set of points on a singular elliptic curve over a finite field, the set of points on a genus 0 curve over a finite field given by the Pell equation, and certain subgroups of the general linear group.
Cryptanalysis of the CFVZ cryptosystem
, 2006
"... The paper analyzes a new public key cryptosystem whose security is based on a matrix version of the discrete logarithm problem over an elliptic curve. ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
The paper analyzes a new public key cryptosystem whose security is based on a matrix version of the discrete logarithm problem over an elliptic curve.
On the DiffieHellman problem over GL_n
, 2005
"... This paper considers the DiffieHellman problem (DHP) over the matrix group GL_n over finite fields and shows that for matrices A and exponents k, l satisfying certain conditions called the modulus conditions, the problem can be solved without solving the discrete logarithm problem (DLP) involving o ..."
Abstract
 Add to MetaCart
This paper considers the DiffieHellman problem (DHP) over the matrix group GL_n over finite fields and shows that for matrices A and exponents k, l satisfying certain conditions called the modulus conditions, the problem can be solved without solving the discrete logarithm problem (DLP) involving only polynomial number of operations in n. A specialization of this result to DHP on F # p m shows that there exists a class of session triples of a DH scheme for which the DHP can be solved in time polynomial in m by operations over F p without solving the DLP. The private keys of such triples are termed weak. A sample of weak keys is computed and it is observed that their number is not too insignificant to be ignored. Next a specialization of the analysis is carried out for pairing based DH schemes on supersingular elliptic curves and it is shown that for an analogous class of session triples, the DHP can be solved without solving the DLP in polynomial number of operations in the embedding degree. A list of weak parameters of the DH scheme is developed on the basis of this analysis.
Cryptanalysis of a key exchange scheme based on block matrices
, 2009
"... In this paper we describe a cryptanalysis of a key exchange scheme recently proposed by Álvarez, Tortosa, Vicent and Zamora. The scheme is based on exponentiation of block matrices over a finite field of prime order. We present an efficient reduction of the problem of disclosing the shared key to th ..."
Abstract
 Add to MetaCart
In this paper we describe a cryptanalysis of a key exchange scheme recently proposed by Álvarez, Tortosa, Vicent and Zamora. The scheme is based on exponentiation of block matrices over a finite field of prime order. We present an efficient reduction of the problem of disclosing the shared key to the discrete logarithm problem (DLP) in an extension of the base field.
QUANTUM ALGORITHM FOR THE DISCRETE LOGARITHM PROBLEM FOR MATRICES OVER FINITE GROUP RINGS
"... Abstract. We propose a polynomial time quantum algorithm for solving the discrete logarithm problem in matrices over finite group rings. The hardness of this problem was recently employed in the design of a keyexchange protocol proposed by D. Kahrobaei, C. Koupparis, and V. Shpilrain [4]. Our resul ..."
Abstract
 Add to MetaCart
Abstract. We propose a polynomial time quantum algorithm for solving the discrete logarithm problem in matrices over finite group rings. The hardness of this problem was recently employed in the design of a keyexchange protocol proposed by D. Kahrobaei, C. Koupparis, and V. Shpilrain [4]. Our result implies that the Kahrobaei et al. protocol does not belong to the realm of postquantum cryptography. Keywords and phrases: Groupbased cryptography, semidirect product, matrix monoids, grouprings, DiffieHellman, keyexchange, discrete logarithm problem, quantum algorithms, postquantum cryptography.
Weak keys of the DiffieHellman key exchange I
, 2005
"... This paper investigates the DiffieHellman key exchange scheme over the group F ∗ p m of nonzero elements of finite fields and shows that there exist exponents k, l satisfying certain conditions called the modulus conditions, for which the Diffie Hellman Problem (DHP) can be solved in polynomial num ..."
Abstract
 Add to MetaCart
This paper investigates the DiffieHellman key exchange scheme over the group F ∗ p m of nonzero elements of finite fields and shows that there exist exponents k, l satisfying certain conditions called the modulus conditions, for which the Diffie Hellman Problem (DHP) can be solved in polynomial number of operations in m without solving the discrete logarithm problem (DLP). These special private keys of the scheme are termed weak and depend also on the generator a of the cyclic group. More generally the triples (a,k,l) with generator a and one of private keys k,l weak, are called weak triples. A sample of weak keys is computed and it is observed that their number may not be insignificant to be ignored in general. Next, an extension of the analysis and weak triples is carried out for the Diffie Hellman scheme over the matrix group GLn and it is shown that for an analogous class of session triples, the DHP can be solved without solving the DLP in polynomial number of operations in the matrix size n. A revised Diffie Hellman assumption is stated, taking into account the above exceptions.