68 research outputs found

    Divisibility, Smoothness and Cryptographic Applications

    Get PDF
    This paper deals with products of moderate-size primes, familiarly known as smooth numbers. Smooth numbers play a crucial role in information theory, signal processing and cryptography. We present various properties of smooth numbers relating to their enumeration, distribution and occurrence in various integer sequences. We then turn our attention to cryptographic applications in which smooth numbers play a pivotal role

    Finding twin smooth integers by solving Pell equations

    Full text link
    Any pair of consecutive B-smooth integers for a given smoothness bound B corresponds to a solution (x, y) of the equation x^2 - 2Dy^2 = 1 for a certain square-free, B-smooth integer D and a B-smooth integer y. This paper describes algorithms to find such twin B-smooth integers that lie in a given interval by using the structure of solutions of the above Pell equation. The problem of finding such twin smooth integers is motivated by the quest for suitable parameters to efficiently instantiate recent isogeny-based cryptosystems. While the Pell equation structure of twin B-smooth integers has previously been used to describe and compute the full set of such pairs for very small values of B, increasing B to allow for cryptographically sized solutions makes this approach utterly infeasible. We start by revisiting the Pell solution structure of the set of twin smooth integers. Instead of using it to enumerate all twin smooth pairs, we focus on identifying only those that lie in a given interval. This restriction allows us to describe algorithms that navigate the vast set of Pell solutions in a more targeted way. Experiments run with these algorithms have provided examples of twin B-smooth pairs that are larger and have smaller smoothness bound B than previously reported pairs. Unfortunately, those examples do not yet provide better parameters for cryptography, but we hope that our methods can be generalized or used as subroutines in future work to achieve that goal

    Discrete logarithms in curves over finite fields

    Get PDF
    A survey on algorithms for computing discrete logarithms in Jacobians of curves over finite fields

    Solving discrete logarithms on a 170-bit MNT curve by pairing reduction

    Get PDF
    Pairing based cryptography is in a dangerous position following the breakthroughs on discrete logarithms computations in finite fields of small characteristic. Remaining instances are built over finite fields of large characteristic and their security relies on the fact that the embedding field of the underlying curve is relatively large. How large is debatable. The aim of our work is to sustain the claim that the combination of degree 3 embedding and too small finite fields obviously does not provide enough security. As a computational example, we solve the DLP on a 170-bit MNT curve, by exploiting the pairing embedding to a 508-bit, degree-3 extension of the base field.Comment: to appear in the Lecture Notes in Computer Science (LNCS

    New Discrete Logarithm Computation for the Medium Prime Case Using the Function Field Sieve

    Get PDF
    International audienceThe present work reports progress in discrete logarithm computation for the general medium prime case using the function field sieve algorithm. A new record discrete logarithm computation over a 1051-bit field having a 22-bit characteristic was performed. This computation builds on and implements previously known techniques. Analysis indicates that the relation collection and descent steps are within reach for fields with 32-bit characteristic and moderate extension degrees. It is the linear algebra step which will dominate the computation time for any discrete logarithm computation over such fields

    Computing endomorphism rings of elliptic curves under the GRH

    Get PDF
    We design a probabilistic algorithm for computing endomorphism rings of ordinary elliptic curves defined over finite fields that we prove has a subexponential runtime in the size of the base field, assuming solely the generalized Riemann hypothesis. Additionally, we improve the asymptotic complexity of previously known, heuristic, subexponential methods by describing a faster isogeny-computing routine.Comment: 11 pages, 1 figur

    Computation of Discrete Logarithms in GF(2^607)

    No full text
    International audienceWe describe in this article how we have been able to extend the record for computations of discrete logarithms in characteristic 2 from the previous record over GF(2^503) to a newer mark of GF(2^607), using Coppersmith's algorithm. This has been made possible by several practical improvements to the algorithm. Although the computations have been carried out on fairly standard hardware, our opinion is that we are nearing the current limits of the manageable sizes for this algorithm, and that going substantially further will require deeper improvements to the method
    • …
    corecore