Oracle-Assisted Static Diffie-Hellman Is Easier Than Discrete Logarithms

This paper extends Joux-Naccache-Thome's e -th root algorithm to the static Diffie-Hellman problem ( sdhp ). The new algorithm can be adapted to diverse finite fields by customizing it with an nfs -like core or an ffs -like core. In both cases, after a number of non-adaptive sdhp oracle queries, the attacker builds-up the ability to solve new sdhp instances unknown before the query phase . While sub-exponential, the algorithm is still significantly faster than all currently known dlp and sdhp resolution methods. We explore the applicability of the technique to various cryptosystems.The attacks were implemented in ${\mathbb F}_{2^{1025}}$ and also in ${\mathbb F}_{p}$, for a 516-bit p .

[1]  Arjen K. Lenstra,et al.  The number field sieve , 1990, STOC '90.

[2]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[3]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[4]  Carl Pomerance,et al.  The Development of the Number Field Sieve , 1994 .

[5]  David Chaum,et al.  Undeniable Signatures , 1989, CRYPTO.

[6]  Douglas H. Wiedemann Solving sparse linear equations over finite fields , 1986, IEEE Trans. Inf. Theory.

[7]  Antoine Joux,et al.  The Function Field Sieve in the Medium Prime Case , 2006, EUROCRYPT.

[8]  K. Dickman On the frequency of numbers containing prime factors of a certain relative magnitude , 1930 .

[9]  Philippe Flajolet,et al.  An Analytic Approach to Smooth Polynominals over Finite Fields , 1998, ANTS.

[10]  Frederik Vercauteren,et al.  The Number Field Sieve in the Medium Prime Case , 2006, CRYPTO.

[11]  Oliver Schirokauer Discrete logarithms and local units , 1993, Philosophical Transactions of the Royal Society of London. Series A: Physical and Engineering Sciences.

[12]  Antoine Joux,et al.  When e-th Roots Become Easier Than Factoring , 2007, ASIACRYPT.

[13]  Antoine Joux,et al.  Improvements to the general number field sieve for discrete logarithms in prime fields. A comparison with the gaussian integer method , 2003, Math. Comput..

[14]  Daniel R. L. Brown,et al.  The Static Diffie-Hellman Problem , 2004, IACR Cryptology ePrint Archive.

[15]  Burton S. Kaliski,et al.  Server-assisted generation of a strong secret from a password , 2000, Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000).

[16]  Oliver Schirokauer Virtual logarithms , 2005, J. Algorithms.

[17]  Alfred Menezes,et al.  Another look at non-standard discrete log and Diffie-Hellman problems , 2008, J. Math. Cryptol..