Collecting relations for the number field sieve in $\text{GF}(p^{6})$

  • Pierrick Gaudry (a1), Laurent Grémy (a2) and Marion Videau (a3) (a4)

Abstract

In order to assess the security of cryptosystems based on the discrete logarithm problem in non-prime finite fields, as are the torus-based or pairing-based ones, we investigate thoroughly the case in $\mathbb{F}_{p^{6}}$ with the number field sieve. We provide new insights, improvements, and comparisons between different methods to select polynomials intended for a sieve in dimension 3 using a special-$\mathfrak{q}$ strategy. We also take into account the Galois action to increase the relation productivity of the sieving phase. To validate our results, we ran several experiments and real computations for various polynomial selection methods and field sizes with our publicly available implementation of the sieve in dimension 3, with special-$\mathfrak{q}$ and various enumeration strategies.
