Results 1 
3 of
3
The Relationship Between Breaking the DiffieHellman Protocol and Computing Discrete Logarithms
, 1998
"... Both uniform and nonuniform results concerning the security of the DiffieHellman keyexchange protocol are proved. First, it is shown that in a cyclic group G of order jGj = Q p e i i , where all the multiple prime factors of jGj are polynomial in log jGj, there exists an algorithm that re ..."
Abstract

Cited by 37 (3 self)
 Add to MetaCart
Both uniform and nonuniform results concerning the security of the DiffieHellman keyexchange protocol are proved. First, it is shown that in a cyclic group G of order jGj = Q p e i i , where all the multiple prime factors of jGj are polynomial in log jGj, there exists an algorithm that reduces the computation of discrete logarithms in G to breaking the DiffieHellman protocol in G and has complexity p maxf(p i )g \Delta (log jGj) O(1) , where (p) stands for the minimum of the set of largest prime factors of all the numbers d in the interval [p \Gamma 2 p p+1; p+2 p p+ 1]. Under the unproven but plausible assumption that (p) is polynomial in log p, this reduction implies that the DiffieHellman problem and the discrete logarithm problem are polynomialtime equivalent in G. Second, it is proved that the DiffieHellman problem and the discrete logarithm problem are equivalent in a uniform sense for groups whose orders belong to certain classes: there exists a p...
The DiffieHellman Protocol
 DESIGNS, CODES, AND CRYPTOGRAPHY
, 1999
"... The 1976 seminal paper of Diffie and Hellman is a landmark in the history of cryptography. They introduced the fundamental concepts of a trapdoor oneway function, a publickey cryptosystem, and a digital signature scheme. Moreover, they presented a protocol, the socalled DiffieHellman protoco ..."
Abstract

Cited by 26 (0 self)
 Add to MetaCart
The 1976 seminal paper of Diffie and Hellman is a landmark in the history of cryptography. They introduced the fundamental concepts of a trapdoor oneway function, a publickey cryptosystem, and a digital signature scheme. Moreover, they presented a protocol, the socalled DiffieHellman protocol, allowing two parties who share no secret information initially, to generate a mutual secret key. This paper summarizes the present knowledge on the security of this protocol.
Straight Line Programs and Torsion Points on Elliptic Curves
, 2002
"... In this paper, we show several connections between the Lconjecture, proposed by Bürgisser [3], and the boundedness theorem for the torsion points of elliptic curves. Assuming the W Lconjecture, which is a much weaker version of the Lconjecture, a sharper bound is obtained for the number of torsion ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
In this paper, we show several connections between the Lconjecture, proposed by Bürgisser [3], and the boundedness theorem for the torsion points of elliptic curves. Assuming the W Lconjecture, which is a much weaker version of the Lconjecture, a sharper bound is obtained for the number of torsion points over extensions of k on an elliptic curve over a number field k, which improves Masser’s result [10]. It is also shown that the Torsion Theorem for elliptic curves follows directly from the W Lconjecture. Since the current proof of the Torsion Theorem for elliptic curves uses considerable machinery from arithmetic geometry, and the W Lconjecture differs from the trivial lower bound only at a constant factor, this result provides an interesting example where increasing the constant factor in a trivial lower bound of straightline complexity is very difficult. Our result suggests that the Torsion Theorem may be viewed as a lower bound result in algebraic complexity, and a lot can be learned from the proof of the Uniformly Boundedness Theorem to construct the proofs the W Lconjecture and even the Lconjecture.