Complexity of a determinate algorithm for the discrete logarithm (Q1898267)

From MaRDI portal
Revision as of 14:59, 20 February 2024 by RedirectionBot (talk | contribs) (‎Changed an Item)
scientific article
Language Label Description Also known as
English
Complexity of a determinate algorithm for the discrete logarithm
scientific article

    Statements

    Complexity of a determinate algorithm for the discrete logarithm (English)
    0 references
    0 references
    24 September 1995
    0 references
    Let \(\langle G,\cdot \rangle\) be a finite group and \(g, a\in G\). Let \(g\) be an element of order \(t\) and \(n\), \(k\), \(m\) be natural numbers. Consider the equation \(g^x= a\), \(x\in \mathbb{N}\). To determine \(x\), suppose \(km\geq t\) and compute the products \(a, ag, \dots, ag^{m-1}\) and \(g^m, g^{2m}, \dots, g^{km}\). Then if, for some \(i\), \(j\), \(g^{mi}= ag^j\) then \(n= mi-j\) is a solution. This is the well known Shanks baby-step, giant-step algorithm which requires on the order of \(2\sqrt {t}\) multiplications. It is established in this paper that, among a certain class of algorithms, this algorithm is optimal in a certain sense.
    0 references
    discrete logarithm
    0 references
    finite fields
    0 references
    cryptography
    0 references
    Shanks baby-step, giant- step algorithm
    0 references
    0 references

    Identifiers

    0 references
    0 references
    0 references
    0 references
    0 references