Small generic hardcore subsets for the discrete logarithm : short secret DL-keys
- Let G be a group of prime order q with generator g. We study hardcore subsets H is include in G of the discrete logarithm (DL) log g in the model of generic algorithms. In this model we count group operations such as multiplication, division while computations with non-group data are for free. It is known from Nechaev (1994) and Shoup (1997) that generic DL-algorithms for the entire group G must perform p2q generic steps. We show that DL-algorithms for small subsets H is include in G require m/ 2 + o(m) generic steps for almost all H of size #H = m with m <= sqrt(q). Conversely, m/2 + 1 generic steps are su±cient for all H is include in G of even size m. Our main result justifies to generate secret DL-keys from seeds that are only 1/2 * log2 q bits long.
Author: | Claus Peter SchnorrGND |
---|---|
URN: | urn:nbn:de:hebis:30-12119 |
ISSN: | 0020-0190 |
Document Type: | Article |
Language: | English |
Year of Completion: | 2000 |
Date of first Publication: | 2000/09/27 |
Publishing Institution: | Universitätsbibliothek Johann Christian Senckenberg |
Release Date: | 2005/07/04 |
Tag: | computational complexity; cryptography; discrete logarithm (DL); generic algorithms; generic complexity; hardcore subsets |
Page Number: | 7 |
First Page: | 1 |
Last Page: | 7 |
Note: | Erschienen in: Information processing letters, 79.2001, S. 93-98 |
Source: | Publ. in Information Processing Letter 79 (2001), pp. 93-98 , http://www.mi.informatik.uni-frankfurt.de/research/papers.html |
HeBIS-PPN: | 400057387 |
Institutes: | Informatik und Mathematik / Mathematik |
Dewey Decimal Classification: | 5 Naturwissenschaften und Mathematik / 51 Mathematik / 510 Mathematik |
Licence (German): | Deutsches Urheberrecht |