Technical history of discrete logarithms in small characteristic finite fields

Due to its use in cryptographic protocols such as the Diffie–Hellman key exchange, the discrete logarithm problem attracted a considerable amount of attention in the past 40 years. In this paper, we summarize the key technical ideas and their evolution for the case of discrete logarithms in small characteristic finite fields. This road leads from the original belief that this problem was hard enough for cryptographic purpose to the current state of the art where the algorithms are so efficient and practical that the problem can no longer be considered for cryptographic use.

[1]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[2]  Douglas H. Wiedemann Solving sparse linear equations over finite fields , 1986, IEEE Trans. Inf. Theory.

[3]  Antoine Joux,et al.  The Function Field Sieve in the Medium Prime Case , 2006, EUROCRYPT.

[4]  Jérémie Detrey,et al.  Discrete Logarithm in GF(2809) with FFS , 2014, Public Key Cryptography.

[5]  Rudolf Lide,et al.  Finite fields , 1983 .

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  Antoine Joux,et al.  A New Index Calculus Algorithm with Complexity $$L(1/4+o(1))$$ in Small Characteristic , 2013, Selected Areas in Cryptography.

[8]  Tsuyoshi Takagi,et al.  Key Length Estimation of Pairing-Based Cryptosystems Using ηT Pairing over GF(3n) , 2014, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[9]  Don Coppersmith,et al.  Fast evaluation of logarithms in fields of characteristic two , 1984, IEEE Trans. Inf. Theory.

[10]  Antoine Joux,et al.  The Function Field Sieve Is Quite Special , 2002, ANTS.

[11]  Thorsten Kleinjung,et al.  On the discrete logarithm problem in finite fields of fixed characteristic , 2015, IACR Cryptol. ePrint Arch..

[12]  Francisco Rodríguez-Henríquez,et al.  Computing Discrete Logarithms in 𝔽36...137 and 𝔽36...163 Using Magma , 2014, WAIFI.

[13]  Antoine Joux,et al.  Faster Index Calculus for the Medium Prime Case Application to 1175-bit and 1425-bit Finite Fields , 2013, EUROCRYPT.

[14]  Antoine Joux,et al.  Improving the Polynomial time Precomputation of Frobenius Representation Discrete Logarithm Algorithms - Simplified Setting for Small Characteristic Finite Fields , 2014, IACR Cryptol. ePrint Arch..

[15]  Ian F. Blake,et al.  Computing Logarithms in GF(2n) , 1985, CRYPTO.

[16]  H. Niederreiter,et al.  Finite Fields: Encyclopedia of Mathematics and Its Applications. , 1997 .

[17]  Joachim von zur Gathen,et al.  Factoring Polynomials Over Finite Fields: A Survey , 2001, J. Symb. Comput..

[18]  Francisco Rodríguez-Henríquez,et al.  Computing Discrete Logarithms in {\mathbb F}_{3^{6 \cdot 137}} and {\mathbb F}_{3^{6 \cdot 163}} Using Magma , 2014 .

[19]  Ming-Deh Huang,et al.  Finding Primitive Elements in Finite Fields of Small Characteristic , 2013, ArXiv.

[20]  Francisco Rodríguez-Henríquez,et al.  Weakness of 𝔽36·509 for Discrete Logarithm Cryptography , 2013, Pairing.

[21]  Francisco Rodríguez-Henríquez,et al.  Computing Discrete Logarithms in F36*137 using Magma , 2014, IACR Cryptol. ePrint Arch..

[22]  Antoine Joux,et al.  A Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic , 2014, EUROCRYPT.

[23]  C. Lanczos An iteration method for the solution of the eigenvalue problem of linear differential and integral operators , 1950 .

[24]  C. Pomerance Fast, Rigorous Factorization and Discrete Logarithm Algorithms , 1987 .

[25]  Justin M. Reyneri,et al.  Fast Computation of Discrete Logarithms in GF(q) , 1982, CRYPTO.

[26]  Kevin S. McCurley,et al.  Massively Parallel Computation of Discrete Logarithms , 1992, CRYPTO.

[27]  Leonard M. Adleman,et al.  A subexponential algorithm for the discrete logarithm problem with applications to cryptography , 1979, 20th Annual Symposium on Foundations of Computer Science (sfcs 1979).

[28]  Philippe Flajolet,et al.  An Analytic Approach to Smooth Polynominals over Finite Fields , 1998, ANTS.

[29]  Faruk Göloglu,et al.  On the Function Field Sieve and the Impact of Higher Splitting Probabilities: Application to Discrete Logarithms in F21971 , 2013, IACR Cryptol. ePrint Arch..

[30]  Maike Massierer Some experiments investigating a possible L(1/4) algorithm for the discrete logarithm problem in algebraic curves , 2014, IACR Cryptol. ePrint Arch..

[31]  Leonard M. Adleman,et al.  Function Field Sieve Method for Discrete Logarithms over Finite Fields , 1999, Inf. Comput..

[32]  P. Erdös,et al.  On a problem of Oppenheim concerning “factorisatio numerorum” , 1983 .

[33]  Thorsten Kleinjung,et al.  Fe b 20 14 Breaking ‘ 128-bit Secure ’ Supersingular Binary Curves ⋆ ( or how to solve discrete logarithms in F , 2014 .

[34]  Antoine Joux,et al.  The Past, Evolving Present, and Future of the Discrete Logarithm , 2014, Open Problems in Mathematics and Computational Science.

[35]  Thorsten Kleinjung,et al.  On the Powers of 2 , 2014, IACR Cryptol. ePrint Arch..