Small generic hardcore subsets for the discrete logarithm : short secret DL-keys
- Let G be a group of prime order q with generator g. We study hardcore subsets H is include in G of the discrete logarithm (DL) log g in the model of generic algorithms. In this model we count group operations such as multiplication, division while computations with non-group data are for free. It is known from Nechaev (1994) and Shoup (1997) that generic DL-algorithms for the entire group G must perform p2q generic steps. We show that DL-algorithms for small subsets H is include in G require m/ 2 + o(m) generic steps for almost all H of size #H = m with m <= sqrt(q). Conversely, m/2 + 1 generic steps are su±cient for all H is include in G of even size m. Our main result justifies to generate secret DL-keys from seeds that are only 1/2 * log2 q bits long.
Download full text files
Additional Services
| Author: | Claus Peter SchnorrGND |
|---|---|
| URN: | urn:nbn:de:hebis:30-12119 |
| ISSN: | 0020-0190 |
| Document Type: | Article |
| Language: | English |
| Year of Completion: | 2000 |
| Date of first Publication: | 2000/09/27 |
| Publishing Institution: | Universitätsbibliothek Johann Christian Senckenberg |
| Release Date: | 2005/07/04 |
| Tag: | computational complexity; cryptography; discrete logarithm (DL); generic algorithms; generic complexity; hardcore subsets |
| Page Number: | 7 |
| First Page: | 1 |
| Last Page: | 7 |
| Note: | Erschienen in: Information processing letters, 79.2001, S. 93-98 |
| Source: | Publ. in Information Processing Letter 79 (2001), pp. 93-98 , http://www.mi.informatik.uni-frankfurt.de/research/papers.html |
| HeBIS-PPN: | 400057387 |
| Institutes: | Informatik und Mathematik / Mathematik |
| Dewey Decimal Classification: | 5 Naturwissenschaften und Mathematik / 51 Mathematik / 510 Mathematik |
| Licence (German): |  Deutsches Urheberrecht |
