[Cryptography] New attacks on discrete logs?
Hanno Böck
hanno at hboeck.de
Fri May 23 17:17:58 EDT 2014
On Fri, 23 May 2014 14:03:01 -0700
Bear <bear at sonic.net> wrote:
> On Thu, 2014-05-22 at 11:14 +0200, Hanno Böck wrote:
>
> > Okay, to clear this up:
> > There's been an algorithm improvement on discrete logs in so-called
> > finite fields with small characteristics. However, it's not that
> > "new", it's from early 2013, it just has been presented at the
> > eurocrypt conference recently.
>
> Would anyone like to clarify what exactly they mean by
> "small" and "large" characteristic here? Please?
This involves some math, I hope I got everything correct and no
mathematician will beat me for this:
Finite fields are mathematical structures where you can do certain
calculations with certain rules involving addition and multiplication.
Finite fields exist with a number of elements if that number is
[a prime]^[some number]
So you can e.g. have a finite field with 5 elements (because 5 is
prime) or with 2^4=16 elements (because 2 is a prime).
Finite fields with large characteristics means finite fields with a
large prime as the number of elements.
Finite fields with small characteristics means finite fields with a
small prime to the power of a large number of elements.
E.g. a diffie hellman key exchange works like this:
Choose a large prime p and a small number g
A calculates g^a mod p and sends it to B
B calculates g^b mod p and sends it to A
A calculates g^b^a mod p, B calculates g^a^b, both have a shared secret.
Our finite field here is the finite field with p elements, which is
everything calculated mod p. As p is a large prime it's a finite field
with large characteristics.
You could also use not a prime but e.g. 2^[large number] or 3^[large
number]. But that's no good idea, because that'd be insecure according
to this new algorithm.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140523/162c218c/attachment.pgp>
More information about the cryptography
mailing list