Abstract
We present an algorithm for solving the discrete logarithm problem in Jacobians of families of plane curves whose degrees in X and Y are low with respect to their genera. The finite base fields \(\mathbb{F}_{q}\) are arbitrary, but their sizes should not grow too fast compared to the genus. For such families, the group structure and discrete logarithms can be computed in subexponential time of \(L_{q^{g}}(1/3,O(1))\). The runtime bounds rely on heuristics similar to the ones used in the number field sieve or the function field sieve.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
L.M. Adleman, M.-D. Huang, Function field sieve methods for discrete logarithms over finite fields. Inf. Comput. 151(1), 5–16 (1999)
L.M. Adleman, J. DeMarrais, M.-D. Huang, A subexponential algorithm for discrete logarithms over the rational subgroup of the Jacobians of large genus hyperelliptic curves over finite fields, in ANTS-I, ed. by L. Adleman, M.-D. Huang. Lecture Notes in Comput. Sci., vol. 877 (Springer, Berlin, 1994), pp. 28–40
R.L. Bender, C. Pomerance, Rigorous discrete logarithm computations in finite fields via smooth polynomials, in Computational Perspectives on Number Theory: Proceedings of a Conference in Honor of A.O.L. Atkin, ed. by D.A. Buell, J.T. Teitelbaum. Studies in Advanced Mathematics, vol. 7 (American Mathematical Society, Providence, 1998), pp. 221–232
J.P. Buhler, A.K. Lenstra, J.M. Pollard, Factoring integers with the number field sieve, in The development of the number field sieve, ed. by A.K. Lenstra, H.W. Lenstra Jr. Lecture Notes in Math., vol. 1554 (Springer, Berlin, 1993), pp. 50–94
W. Castryck, H. Hubrechts, F. Vercauteren, Computing zeta functions in families of C ab curves using deformation, in ANTS-VIII, ed. by A. van der Poorten, A. Stein. Lecture Notes in Comput. Sci., vol. 5011 (Springer, Berlin, 2008), pp. 296–311
D. Coppersmith, Fast evaluation of logarithms in fields of characteristic two. IEEE Trans. Inf. Theory IT–30(4), 587–594 (1984)
J.-M. Couveignes, Algebraic groups and discrete logarithm, in Public-key Cryptography and Computational Number Theory (de Gruyter, Berlin, 2001), pp. 17–27
C. Diem, An index calculus algorithm for non-singular plane curves of high genus (2006). Talk at ECC 2006 Workshop, slides available at http://www.cacr.math.uwaterloo.ca/conferences/2006/ecc2006/diem.pdf.
C. Diem, An index calculus algorithm for plane curves of small degree, in ANTS-VII, ed. by F. Heß, S. Pauli, M. Pohst. Lecture Notes in Comput. Sci., vol. 4076 (Springer, Berlin, 2006), pp. 543–557
C. Diem, E. Thomé, Index calculus in class groups of non-hyperelliptic curves of genus three. J. Cryptol. 21, 593–611 (2008)
A. Enge, Computing discrete logarithms in high-genus hyperelliptic Jacobians in provably subexponential time. Math. Comput. 71, 729–742 (2002)
A. Enge, Discrete logarithms in curves over finite fields, in Finite Fields and Applications, ed. by G.L. Mullen, D. Panario, I.E. Shparlinski. Contemporary Mathematics, vol. 461 (American Mathematical Society, Providence, 2008), pp. 119–139
A. Enge, P. Gaudry, A general framework for subexponential discrete logarithm algorithms. Acta Arith. 102, 83–103 (2002)
A. Enge, P. Gaudry, An L(1/3+ε) algorithm for the discrete logarithm problem for low degree curves, in Advances in Cryptology—EUROCRYPT 2007, ed. by M. Naor. Lecture Notes in Comput. Sci., vol. 4515 (Springer, Berlin, 2007), pp. 379–393
A. Enge, A. Stein, Smooth ideals in hyperelliptic function fields. Math. Comput. 71, 1219–1230 (2002)
P. Gaudry, E. Thomé, N. Thériault, C. Diem, A double large prime variation for small genus hyperelliptic index calculus. Math. Comput. 76, 475–492 (2007)
D.M. Gordon, Discrete logarithms in GF(p) using the number field sieve. SIAM J. Discrete Math. 6(1), 124–138 (1993)
F. Heß, Computing Riemann–Roch spaces in algebraic function fields and related topics. J. Symb. Comput. 33, 425–445 (2002)
F. Heß, Computing relations in divisor class groups of algebraic curves over finite fields. Preprint (2004)
A.G.B. Lauder, D. Wan, Counting points on varieties over finite fields of small characteristic, in Algorithmic Number Theory: Lattices, Number Fields, Curves and Cryptography, ed. by J.P. Buhler, P. Stevenhagen. Mathematical Sciences Research Institute Publications, vol. 44 (Cambridge University Press, Cambridge, 2008), pp. 579–612
E. Manstavičius, Semigroup elements free of large prime factors, in New Trends in Probability and Statistic, ed. by F. Schweiger, E. Manstavičius (1992), pp. 135–153
M. Minzlaff, Computing zeta functions of superelliptic curves in larger characteristic, in Proc. 1st International Conference on Symbolic Computation and Cryptography (SCC08) (2008)
S. Miura, Linear codes on affine algebraic curves. IEICE Transactions J81-A, 1398–1421 (1998). In Japanese. English summary by Ryutaroh Matsumoto available at http://www.rmatsumoto.org/cab.pdf
V. Müller, A. Stein, C. Thiel, Computing discrete logarithms in real quadratic congruence function fields of large genus. Math. Comput. 68(226), 807–822 (1999)
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by Tatsuaki Okamoto
This paper was solicited by the Editors-in-Chief as one of the best papers from Eurocrypt 2007, based on the recommendation of the program committee.
About this article
Cite this article
Enge, A., Gaudry, P. & Thomé, E. An L(1/3) Discrete Logarithm Algorithm for Low Degree Curves. J Cryptol 24, 24–41 (2011). https://doi.org/10.1007/s00145-010-9057-y
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00145-010-9057-y