| HAL-Inria | Publications, software ... of Inria's scientists |
Computing discrete logarithms in $GF(p^6)$
Abstract : The security of torus-based and pairing-based cryptography relies on the difficulty of computing discrete logarithms in small degree extensions of finite fields of large characteristic. It has already been shown that for degrees 2 and 3, the discrete logarithm problem is not as hard as once thought. We address the question of degree 6 and aim at providing real-life timings for such problems. We report on a record DL computation in a 132-bit subgroup of $GF(p^6)$ for a 22-decimal digit prime, with $p^6$ having 422 bits. The previous record was for a 79-bit subgroup in a 240-bit field. We used NFS-DL with a sieving phase over degree 2 polynomials, instead of the more classical degree 1 case. We show how to improve many parts of the NFS-DL algorithm to reach this target.
Cited literature [49 references]
https://hal.inria.fr/hal-01624662
Contributor : Laurent Grémy <>
Submitted on : Thursday, October 26, 2017 - 4:03:48 PM
Last modification on : Friday, November 22, 2019 - 1:34:55 AM
Document(s) archivé(s) le : Saturday, January 27, 2018 - 2:01:54 PM
Contributor : Laurent Grémy <>
Submitted on : Thursday, October 26, 2017 - 4:03:48 PM
Last modification on : Friday, November 22, 2019 - 1:34:55 AM
Document(s) archivé(s) le : Saturday, January 27, 2018 - 2:01:54 PM
File
p6hd.pdf
Files produced by the author(s)