Computing discrete logarithms in $GF(p^6)$

Laurent Grémy 1 Aurore Guillevic 1 François Morain 2 Emmanuel Thomé 1
1 CARAMBA - Cryptology, arithmetic : algebraic methods for better algorithms
Inria Nancy - Grand Est, LORIA - ALGO - Department of Algorithms, Computation, Image and Geometry
2 GRACE - Geometry, arithmetic, algorithms, codes and encryption
Inria Saclay - Ile de France
Abstract : The security of torus-based and pairing-based cryptography relies on the difficulty of computing discrete logarithms in small degree extensions of finite fields of large characteristic. It has already been shown that for degrees 2 and 3, the discrete logarithm problem is not as hard as once thought. We address the question of degree 6 and aim at providing real-life timings for such problems. We report on a record DL computation in a 132-bit subgroup of $GF(p^6)$ for a 22-decimal digit prime, with $p^6$ having 422 bits. The previous record was for a 79-bit subgroup in a 240-bit field. We used NFS-DL with a sieving phase over degree 2 polynomials, instead of the more classical degree 1 case. We show how to improve many parts of the NFS-DL algorithm to reach this target.
Document type :
Conference papers
Complete list of metadatas

Cited literature [49 references]  Display  Hide  Download
https://hal.inria.fr/hal-01624662
Contributor : Laurent Grémy <>
Submitted on : Thursday, October 26, 2017 - 4:03:48 PM
Last modification on : Thursday, February 7, 2019 - 3:43:04 PM
Long-term archiving on : Saturday, January 27, 2018 - 2:01:54 PM

File

p6hd.pdf
Files produced by the author(s)

Identifiers

Collections

INSMI | INRIA | LORIA | LORIA-ALGO | UNIV-LORRAINE | UNIV-PARIS-SACLAY | GRID5000

Citation

Laurent Grémy, Aurore Guillevic, François Morain, Emmanuel Thomé. Computing discrete logarithms in $GF(p^6)$. 24th Annual Conference on Selected Areas in Cryptography, Aug 2017, Ottawa, Canada. pp.85-105, ⟨10.1007/978-3-319-72565-9_5⟩. ⟨hal-01624662⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics

Record views

637

Files downloads

365

Contact


archive-ouverte@inria.fr