On the Discrete Logarithm Problem on Algebraic Tori
Using a recent idea of Gaudry and exploiting rational representations of algebraic tori, we present an index calculus type algorithm for solving the discrete logarithm problem that works directly in these groups. Using a prototype implementation, we obtain practical upper bounds for the difficulty of solving the DLP in the tori $T_2(\mathbb{F}{p^m})$ and $T_6(\mathbb{F}{p^m})$ for various $p$ and $m$. Our results do not affect the security of the cryptosystems LUC, XTR, or CEILIDH over prime fields. However, the practical efficiency of our method against other methods needs further examining, for certain choices of p and m in regions of cryptographic interest.
2005
Lecture Notes in Computer Science; 3621
66
85
REVIEWED
Event name | Event place | Event date |
Santa Barbara, California, USA | August 14-18, 2005 | |