A rigorous proof of the Waterloo algorithm for the discrete logarithm problem (Q1611366)

From MaRDI portal
Revision as of 11:00, 30 July 2024 by Openalex240730090724 (talk | contribs) (Set OpenAlex properties.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
scientific article
Language Label Description Also known as
English
A rigorous proof of the Waterloo algorithm for the discrete logarithm problem
scientific article

    Statements

    A rigorous proof of the Waterloo algorithm for the discrete logarithm problem (English)
    0 references
    0 references
    0 references
    21 August 2002
    0 references
    The index calculus attack is a sub-exponential algorithm to compute discrete logarithms in finite fields. For fields of small characteristic, especially \(\mathbb{F}_{2^n}\), \textit{D. Coppersmith}'s variant [IEEE Trans. Inf. Theory 30, 587-594 (1984; Zbl 0554.12013)] is (heuristically) most efficient. A further algorithm specially designed for this case is the Waterloo algorithm [Advances in cryptology, Proc. Workshop, Santa Barbara/Calif. 1984, Lect. Notes Comput. Sci. 196, 73-82 (1985; Zbl 0574.94012)] by \textit{I. F. Blake, R. C. Mullin}, and \textit{S. A. Vanstone}. The present article manages to give proofs for the heuristic arguments used to estimate the running time. The main step is to compute the probability that two polynomials of degree at most \(n/2\) factor into irreducible polynomials of degree at most \(m\), where \(m\) is a parameter of the algorithm. To reach this aim the authors estimate the number of \(m\)-smooth polynomials of bounded degree and coprime pairs of such polynomials. The main tool used to derive these results are generating functions for polynomials and the saddle point method as in \textit{A. L. Odlyzko} [Advances in cryptology, Proc. EUROCRYPT 84, Workshop Paris 1984, Lect. Notes Comput. Sci. 209, 224-314 (1985; Zbl 0594.94016)].
    0 references
    0 references
    discrete logarithm problem
    0 references
    finite fields
    0 references
    smooth polynomials
    0 references
    generating functions
    0 references

    Identifiers

    0 references
    0 references
    0 references
    0 references
    0 references
    0 references