Solving DLP with Auxiliary Input over an Elliptic Curve Used in TinyTate Library

The discrete logarithm problem with auxiliary input (DLPwAI) is the problem of finding α from G, αG, α^d G in an additive cyclic group generated by G of prime order r, where d is a positive integer dividing r - 1. The infeasibility of DLPwAI underpins the security of some cryptographic schemes. In 2006, Cheon proposed a novel algorithm for solving DLPwAI. This paper presents our experimental results on Cheon's algorithm, implemented with some speed-up techniques. In fact, we succeeded in solving DLPwAI in a group of 128-bit order in 45 hours with a single PC, on an elliptic curve defined over a prime finite field with 256-bit elements which is used in the TinyTate library.
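To show why publishing α^d G alongside αG weakens α when d divides r - 1, the following added example (not code from the paper) recovers α with two baby-step giant-step searches of sizes about sqrt((r-1)/d) and sqrt(d). It is a sketch only: the toy order-r subgroup of Z_p^*, the parameters and all function names are constructed here and stand in for the elliptic curve group, and none of the paper's speed-up techniques are reproduced.

```python
from math import isqrt

# Constructed toy parameters (not from the paper): order-r subgroup of Z_p^*.
p, r, d = 10091, 1009, 16            # r divides p - 1, d divides r - 1 = 1008
g = pow(2, (p - 1) // r, p)          # order-r element, plays the role of G
# Generator of Z_r^*; 2, 3 and 7 are the prime factors of r - 1.
zeta = next(z for z in range(2, r)
            if all(pow(z, (r - 1) // q, r) != 1 for q in (2, 3, 7)))

def bsgs_exponent(target, c, s, n):
    """Return k in [0, n) with g^(c * s^k) == target, where s has order n in Z_r^*."""
    m = isqrt(n - 1) + 1                         # ceil(sqrt(n))
    s_inv = pow(s, -1, r)
    # Baby steps: target^(s^-v) = g^(c * s^(k - v)) for v = 0..m-1.
    baby = {pow(target, pow(s_inv, v, r), p): v for v in range(m)}
    # Giant steps: g^(c * s^(u*m)) for u = 0..m-1; a match gives k = u*m + v.
    for u in range(m):
        giant = pow(g, c * pow(s, u * m, r) % r, p)
        if giant in baby:
            return (u * m + baby[giant]) % n
    raise ValueError("no solution: inputs are not a valid DLPwAI instance")

def cheon_recover(g_alpha, g_alpha_d):
    """Recover alpha from g^alpha and g^(alpha^d) (the pair alpha*G, alpha^d*G)."""
    n1 = (r - 1) // d
    # alpha = zeta^k. alpha^d = (zeta^d)^k1 depends only on k1 = k mod n1.
    k1 = bsgs_exponent(g_alpha_d, 1, pow(zeta, d, r), n1)
    # k = k1 + n1*k2 with k2 in [0, d): alpha = zeta^k1 * (zeta^n1)^k2.
    k2 = bsgs_exponent(g_alpha, pow(zeta, k1, r), pow(zeta, n1, r), d)
    return pow(zeta, k1 + n1 * k2, r)

def make_instance(alpha):
    """Build the public DLPwAI inputs for a chosen secret alpha in [1, r)."""
    return pow(g, alpha, p), pow(g, pow(alpha, d, r), p)
```

With these toy values each search uses tables of 8 and 4 entries, against roughly 32 for a generic square-root search over the whole group of order 1009.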
