Jump to content

Discrete Logarithm in Polynomial Time

Enthalpy
in Mathematics

Featured Replies

You thought it was difficult? They did it...

In a set of p*q elements, which is not a field, and where the prime p and q are chosen big (like 500 bits), computing ax is quick, but the reverse operation called discrete logarithm is long - that is, no quick method was known. So much that some methods for computer security rely on that, for instance some passports.
http://en.wikipedia.org/wiki/Discrete_logarithm

That was before. On May 12 at Eurocrypt 2014, Razvan Barbulescu and his mates have described a method in quasi-polynomial time:
http://ec14.compute.dtu.dk/program.html
they claim as an example that number sizes that would have needed 2128 operations to crack go in 260

http://www.lemonde.fr/sciences/article/2014/05/13/une-percee-en-mathematique-rend-caduques-des-procedures-de-chiffrement_4415604_1650684.html

(sorry for ze lãnguage, other reports must exist)

Papers, possibly this most recent method: http://arxiv.org/abs/1306.4244

and http://cca.saclay.inria.fr/Data/Razvan.Barbulescu-10-01-2014.pdf

It all depends on the number sizes and the difficulty of individual operations. 256 simpler operations were made decades ago by EFF to crack DES. How small are the numbers chosen in existing applications? It's about time to double-check and take safety factors, or better, change the encryption method, because smaller improvements use to follow any breakthrough.

Even more disturbing: the discrete logarithm is known to be related with the factorization (finding p and q above), that is, cracking one would help crack the other.
http://en.wikipedia.org/wiki/Integer_factorization
If someone finds a practical path in that direction (the other, factoring eases logarithm, is simple), that would ruin all the algorithms we have now.
[A simple introduction is: Applied Cryptography, by Bruce Schneier]
All the public-key cryptography, which exchanges the keys for the simpler private-key ciphers in all working programmes, and authenticates messages or signs software, relies on the difficulty of factoring.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.