[Cryptography] Yet another dumb crypto system

Viktor Dukhovni cryptography at dukhovni.org
Wed Sep 23 22:58:53 EDT 2015

On Wed, Sep 23, 2015 at 02:09:52PM -0700, Bill Cox wrote:

> Enjoy breaking this probably very old crypto system that was probably
> broken decades ago :)

Don't waste time on this.

> Instead, I'm using a couple of simple "reduction
> rules".  The two rules are:
>     x^2 => x + 3
>     y^2 => 2y

The y^2 = 2y reduction rule is not so good.  This means that

	y*(y-2) = y^2 - 2y = 0

which makes the set of non-zero polynomials not a group under

To avoid such problems you'd want x and y to be roots of distinct
irreducible quadratic polynomials.  This then turns your system
into a degree 4 Galois extension of F_p.

DLP for Galois extensions is not a new problem.
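
The following is an added example, not part of the message above or of the quoted proposal. It implements multiplication under the two quoted reduction rules and checks that y*(y-2) reduces to zero, that powers of y collapse to 2^(n-1)*y, and that the y rule fails the irreducibility test the reply recommends. The modulus P, the element encoding and all function names are assumptions made for the illustration.

```python
# Added example; P is a constructed sample prime (the post names no modulus).
P = 2**61 - 1
X_RULE = (1, 3)  # x^2 => x + 3, stored as (b, c) for t^2 => b*t + c
Y_RULE = (2, 0)  # y^2 => 2y

# An element A + B*y is a pair (A, B); A and B are pairs (a0, a1) = a0 + a1*x.
ZERO = ((0, 0), (0, 0))
ONE = ((1, 0), (0, 0))
Y = ((0, 0), (1, 0))
Y_MINUS_2 = ((P - 2, 0), (1, 0))

def add_x(u, v, p):
    return ((u[0] + v[0]) % p, (u[1] + v[1]) % p)

def scale_x(k, u, p):
    return ((k * u[0]) % p, (k * u[1]) % p)

def mul_x(u, v, p):
    """(u0 + u1*x)(v0 + v1*x), reducing x^2 with X_RULE."""
    b, c = X_RULE
    hi = u[1] * v[1]
    return ((u[0] * v[0] + c * hi) % p, (u[0] * v[1] + u[1] * v[0] + b * hi) % p)

def mul(u, v, p=P):
    """(A + B*y)(C + D*y), reducing y^2 with Y_RULE."""
    b, c = Y_RULE
    (A, B), (C, D) = u, v
    hi = mul_x(B, D, p)
    lo = add_x(mul_x(A, C, p), scale_x(c, hi, p), p)
    mid = add_x(add_x(mul_x(A, D, p), mul_x(B, C, p), p), scale_x(b, hi, p), p)
    return (lo, mid)

def power(u, n, p=P):
    result = ONE
    while n:  # square-and-multiply
        if n & 1:
            result = mul(result, u, p)
        u = mul(u, u, p)
        n >>= 1
    return result

def is_irreducible(rule, p):
    """t^2 - b*t - c is irreducible over F_p (odd p) iff b^2 + 4c is a non-residue."""
    b, c = rule
    return pow((b * b + 4 * c) % p, (p - 1) // 2, p) == p - 1

if __name__ == "__main__":
    print(mul(Y, Y_MINUS_2), power(Y, 10), is_irreducible(Y_RULE, P))
```

The discriminant of the y rule is 4, a square for every odd p, so that rule can never define a field extension; the x rule has discriminant 13 and is irreducible only for primes where 13 is a non-residue.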

