A New Approach to Discrete Logarithm Problem with Auxiliary Inputs

Embedding an element of a finite field into auxiliary groups such as elliptic curve groups or extension fields of finite fields has been a useful tool for the analysis of cryptographic problems, such as establishing the equivalence between the discrete logarithm problem and the Diffie-Hellman problem or solving the discrete logarithm problem with auxiliary inputs (DLPwAI). Indeed, Cheon’s algorithm for solving the DLPwAI can be regarded as a quantitative version of den Boer and Maurer. Recently, Kim showed in his dissertation that the generalization of Cheon’s algorithm using the embedding technique, including Satoh’s [19], is no faster than Pollard’s rho algorithm when d (p± 1). In this paper, we propose a new approach to solving the DLPwAI that concentrates on the behavior of a function mapping between finite fields rather than on an embedding into auxiliary groups. This result shows the relation between the complexity of the algorithm and the number of absolutely irreducible factors of the substitution polynomials, and hence sheds light on the research on substitution polynomials. More precisely, with a polynomial f(x) of degree d over F_p, the proposed algorithm has complexity O(√(p^2/R) log d log p) group operations to recover α with g, g, . . . , g d , where R denotes the number of pairs (x, y) ∈ F_p × F_p such that f(x) − f(y) = 0. As an example using the Dickson polynomial, we reveal α in O(p log d log p) group operations when d|(p + 1). Note that Cheon’s algorithm requires g, g, . . . , g d , . . . , g 2d as an instance for the same problem.
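To make the quantity R from the abstract concrete, the following added example (not code from the paper) counts the pairs (x, y) with f(x) = f(y) for a Dickson polynomial over a toy prime field and compares it with a permutation polynomial, for which R = p. The function names, the Dickson parameter a = 1 and the small primes are assumptions chosen for illustration; only the √(p^2/R) factor is evaluated, without the logarithmic terms.

```python
from collections import Counter
from math import sqrt

def dickson(d, x, a, p):
    """Dickson polynomial D_d(x, a) mod p, using the recurrence
    D_0 = 2, D_1 = x, D_n = x*D_{n-1} - a*D_{n-2}."""
    prev, cur = 2 % p, x % p
    if d == 0:
        return prev
    for _ in range(d - 1):
        prev, cur = cur, (x * cur - a * prev) % p
    return cur

def fibers(f, p):
    """Map each value v in f(F_p) to the number of preimages of v."""
    return Counter(f(x) for x in range(p))

def collision_pairs(f, p):
    """R = #{(x, y) in F_p x F_p : f(x) = f(y)}.
    Each fiber of size n contributes n*n ordered pairs."""
    return sum(n * n for n in fibers(f, p).values())

def sqrt_factor(f, p):
    """The sqrt(p^2 / R) factor of the stated complexity (log terms omitted)."""
    return sqrt(p * p / collision_pairs(f, p))

def compare(p, d):
    """Return (R, value-set size, sqrt factor) for D_d(x, 1) and for x^d."""
    out = {}
    for name, f in (("dickson", lambda x: dickson(d, x, 1, p)),
                    ("monomial", lambda x: pow(x, d, p))):
        out[name] = (collision_pairs(f, p), len(fibers(f, p)), sqrt_factor(f, p))
    return out

if __name__ == "__main__":
    # Constructed toy parameters: 1019 is prime and 5 divides 1019 + 1,
    # while gcd(5, 1019 - 1) = 1, so x^5 permutes F_1019 and has R = p.
    for name, (R, vsize, factor) in compare(1019, 5).items():
        print(f"{name:9s} R={R:6d} |f(F_p)|={vsize:5d} sqrt(p^2/R)={factor:8.2f}")
```

A larger R means more collisions of f and a smaller √(p^2/R) factor, which is why polynomials with small value sets are the interesting case here.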

[1] Jung Hee Cheon, et al. Discrete Logarithm Problems with Auxiliary Inputs, 2010, Journal of Cryptology.

[2] J. Pollard, et al. Monte Carlo methods for index computation (), 1978.

[3] M. Kasahara, et al. A New Traitor Tracing, 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci.

[4] David R. Hayes. A geometric approach to permutation polynomials over a finite field, 1967.

[5] Masaya Yasuda, et al. Solving a Discrete Logarithm Problem with Auxiliary Input on a 160-Bit Elliptic Curve, 2012, Public Key Cryptography.

[6] Matthew K. Franklin, et al. Identity-Based Encryption from the Weil Pairing, 2001, CRYPTO.

[7] Brent Waters, et al. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys, 2005, CRYPTO.

[8] Daniel J. Madden, et al. Polynomials with small value set over finite fields, 1988.

[9] L. Carlitz, et al. Polynomials over finite fields with minimal value sets, 1961.

[10] Ueli Maurer, et al. The Relationship Between Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms, 1999, SIAM J. Comput.

[11] Jung Hee Cheon, et al. Analysis on a generalized algorithm for the strong discrete logarithm problem with auxiliary inputs, 2014, Math. Comput.

[12] Bert den Boer. Diffie-Hellman is as Strong as Discrete Log for Certain Primes, 1988, CRYPTO.

[13] Masaaki Sibuya, et al. Occupancy with two types of balls, 1988.

[14] Saburô Uchiyama. Note on the Mean Value of V(f). III, 1955.

[15] Daniel R. L. Brown, et al. The Static Diffie-Hellman Problem, 2004, IACR Cryptology ePrint Archive.

[16] Dan Boneh, et al. Short Signatures Without Random Oracles, 2004, EUROCRYPT.

[17] A. Weil. Sur les courbes algébriques et les variétés qui s'en déduisent, 1948.

[18] Javier Gomez-Calderon. The third-order factorable core of polynomials over finite fields, 1998.

[19] D. A. Mit'kin. Polynomials with minimal set of values and the equation f(x) = f(y) in a finite prime field, 1985.

[20] P. Shiue, et al. Value sets of polynomials over finite fields, 1993.

[21] Dan Boneh, et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[22] Payman Mohassel, et al. Fast Computation on Encrypted Polynomials and Applications, 2011, CANS.

[23] R. Gregory Taylor, et al. Modern computer algebra, 2002, SIGA.

[24] Kazuto Matsuo, et al. Remarks on Cheon's Algorithms for Pairing-Related Problems, 2007, Pairing.

[25] Victor Shoup, et al. Lower Bounds for Discrete Logarithms and Related Problems, 1997, EUROCRYPT.

[26] Jung Hee Cheon, et al. Security Analysis of the Strong Diffie-Hellman Problem, 2006, EUROCRYPT.

[27] Ueli Maurer, et al. Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms, 1994, CRYPTO.

[28] 선동규. Elliptic curves with the minimized security loss of the strong Diffie-Hellman problem, 2007.

[29] Takakazu Satoh. On Generalization of Cheon's Algorithm, 2009, IACR Cryptol. ePrint Arch.

[30] Jung Hee Cheon, et al. A Group Action on ℤp˟ and the Generalized DLP with Auxiliary Inputs, 2013, Selected Areas in Cryptography.

[31] Steven D. Galbraith, et al. A non-uniform birthday problem with applications to discrete logarithms, 2012, Discret. Appl. Math.

[32] B. I. Selivanov. On waiting time in the scheme of random allocation of coloured particles, 1995.

[33] Javier Gomez-Calderon. On the cardinality of value set of polynomials with coefficients in a finite field, 1992.

[34] Gary L. Mullen, et al. Value sets of Dickson polynomials over finite fields, 1988.