Browse > Article
http://dx.doi.org/10.4134/JKMS.2015.52.4.797

ANALYSIS OF POSSIBLE PRE-COMPUTATION AIDED DLP SOLVING ALGORITHMS  

HONG, JIN (Department of Mathematical Sciences and ISaC Seoul National University)
LEE, HYEONMI (Department of Mathematics and Research Institute for Natural Sciences Hanyang University)
Publication Information
Journal of the Korean Mathematical Society / v.52, no.4, 2015 , pp. 797-819 More about this Journal
Abstract
A trapdoor discrete logarithm group is a cryptographic primitive with many applications, and an algorithm that allows discrete logarithm problems to be solved faster using a pre-computed table increases the practicality of using this primitive. Currently, the distinguished point method and one extension to this algorithm are the only pre-computation aided discrete logarithm problem solving algorithms appearing in the related literature. This work investigates the possibility of adopting other pre-computation matrix structures that were originally designed for used with cryptanalytic time memory tradeoff algorithms to work as pre-computation aided discrete logarithm problem solving algorithms. We find that the classical Hellman matrix structure leads to an algorithm that has performance advantages over the two existing algorithms.
Keywords
discrete logarithm problem; pre-computation; distinguished point; time memory tradeoff;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Cryptohaze, GPU Rainbow Cracker; https://www.cryptohaze.com
2 Free Rainbow Tables, Distributed Rainbow Table Project; http://freerainbowtables.com
3 Ophcrack, Windows Password Cracker; http://ophcrack.sourceforge.net
4 RainbowCrack Project, http://project-rainbowcrack.com
5 E. P. Barkan, Cryptanalysis of ciphers and protocols, Ph.D. Thesis, Technion-Israel Institute of Technology, March 2006.
6 E. Barkan, E. Biham, and A. Shamir, Rigorous bounds on cryptanalytic time/memory tradeoffs, in: CRYPTO 2006, pp. 1-21, LNCS 4117, Springer, 2006.
7 D. J. Bernstein and T. Lange, Computing small discrete logarithms faster, in: INDOCRYPT 2012, pp. 317-338, LNCS 7668, Springer, 2012.
8 D. J. Bernstein and T. Lange, Non-uniform cracks in the concrete: the power of free precomputation, in: ASIACRYPT 2013, pp. 321-340, LNCS 8270, Springer, 2013.
9 A. Biryukov, S. Mukhopadhyay, and P. Sarkar, Improved time-memory trade-offs with multiple data, in: SAC 2005, pp. 110-127, LNCS 3897, Springer, 2006.
10 A. Biryukov and A. Shamir, Cryptanalytic time/memory/data tradeoffs for stream ciphers, in: ASIACRYPT 2000, pp. 1-13, LNCS 1976, Springer, 2000.
11 C. Calik, How to invert one-way functions: time-memory trade-off method, M.S. Thesis, Middle East Technical University, January 2007.
12 A. E. Escott, J. C. Sager, A. P. L. Selkirk, and D. Tsapakidis, Attacking elliptic curve cryptosystems using the parallel Pollard rho method, CryptoBytes 4 (1999), 15-19.
13 M. E. Hellman, A cryptanalytic time-memory trade-off, IEEE Trans. Inform. Theory 26 (1980), no. 4, 401-406.   DOI
14 R. Henry, K. Henry, and I. Goldberg, Making a nymbler Nymble using VERBS, in: PETS 2010, pp. 111-129, LNCS 6205, Springer, 2010.
15 Y. Hitchcock, P. Montague, G. Carter, and E. Dawson, The efficiency of solving multiple discrete logarithm problems and the implications for the security of fixed elliptic curves, Int. J. Inf. Secur. 3 (2004), 86-98.   DOI
16 J. Hong, The cost of false alarms in Hellman and rainbow tradeoffs, Des. Codes Cryptogr. 57 (2010), no. 3, 293-327.   DOI   ScienceOn
17 J. Hong and S. Moon, A comparison of cryptanalytic tradeoff algorithms, J. Cryptology 26 (2013), no. 4, 559-637.   DOI   ScienceOn
18 B.-I. Kim and J. Hong, Analysis of the non-perfect table fuzzy rainbow tradeoff, in: ACISP 2013, pp. 347-362, LNCS 7959, Springer, 2013.
19 D. Huhnlein, M. J. Jacobson Jr., and D. Weber, Towards practical non-interactive public-key cryptosystems using non-maximal imaginary quadratic orders, Des. Codes Cryptogr. 39 (2003), no. 3, 281-299.
20 B.-I. Kim and J. Hong, Analysis of the non-perfect table fuzzy rainbow tradeoff, IACR Cryptology ePrint Archive, Report 2012/612, version 20121116:123317; http://eprint.iacr.org/2012/612.
21 B.-I. Kim and J. Hong, Analysis of the perfect table fuzzy rainbow tradeoff, J. Appl. Math. 2014 (2014), Article ID 765394, 19 pages.
22 F. Kuhn and R. Struik, Random walks revisited: extensions of Pollard's rho algorithm for computing multiple discrete logarithms, in: SAC 2001, pp. 212-229, LNCS 2259, Springer, 2001.
23 H. T. Lee, J. H. Cheon, and J. Hong, Accelerating ID-based encryption based on trapdoor DL using pre-computation, IACR Cryptology ePrint Archive, Report 2011/187, version 20120112:021951; http://eprint.iacr.org/2011/187.
24 G. W. Lee and J. Hong, A comparison of perfect table cryptanalytic tradeoff algorithms, IACR Cryptology ePrint Archive, Report 2012/540, version 20140622:150618; http://eprint.iacr.org/2012/540.
25 D. Ma and J. Hong, Success probability of the Hellman trade-off, Inform. Process. Lett. 109 (2009), no. 7, 347-351.   DOI   ScienceOn
26 U. M. Maurer and Y. Yacobi, Non-interactive public-key cryptography, in: EUROCRYPT '91, pp. 498-507, LNCS 547, Springer, 1991.
27 U. M. Maurer and Y. Yacobi, A non-interactive public-key distribution system, Des. Codes Cryptogr. 9 (1996), no. 3, 305-316.   DOI
28 K. Nohl and C. Paget, GSM-SRSLY?, presented at 26th Chaos Communication Congress (26C3), Berlin, December 2009.
29 Y. Murakami and M. Kasahara, A discrete logarithm problem over composite modulus, Electronics and Communications in Japan (Part III) 76 (1993), 37-46.
30 K. Nohl, Attacking phone privacy, presented at Black Hat USA 2010, Las Vegas, July 2010.
31 P. Oechslin, Making a faster cryptanalytic time-memory trade-off, in: CRYPTO 2003, pp. 617-630, LNCS 2729, Springer, 2003.
32 K. G. Paterson and S. Srinivasan, On the relations between non-interactive key distribution, identity-based encryption and trapdoor discrete log groups, Des. Codes Cryptogr. 52 (2009), no. 2, 219-241.   DOI
33 S. C. Pohlig and M. E. Hellman, An improved algorithm for computing logarithms over GF(p) and its cryptographic significance, IEEE Trans. Inform. Theory 24 (1978), no. 1, 106-110.   DOI
34 J. M. Pollard, Monte Carlo methods for index computation (mod p), Math. Comp. 32 (1978), no. 143, 918-924.   DOI
35 C. P. Schnorr and H. W. Lenstra Jr., A Monte Carlo factoring algorithm with linear storage, Math. Comp. 43 (1984), no. 167, 289-311.   DOI   ScienceOn
36 D. Shanks, Class number, a theory of factorization and genera, 1969 Number Theory Institute (Proc. Sympos. Pure Math., Vol. XX, State Univ. New York, Stony Brook, N.Y., 1969), pp. 415-440. Amer. Math. Soc., Providence, R.I., 1971.
37 V. Shoup, Lower bounds for discrete logarithms and related problems, in: EUROCRYPT '97, pp. 256-266, LNCS 1223, Springer, 1997.
38 E. Teske, Speeding up Pollard's rho method for computing discrete logarithms, in: ANTS-III, pp. 541-554, LNCS 1423, Springer, 1998.
39 E. Teske, An elliptic curve trapdoor system, J. Cryptology 19 (2006), no. 1, 115-133.   DOI