Skip to main content
Conference Proceedings

How to solve multiple short-exponent discrete logarithm problem

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2019) 11689 LNCS 53-64
DOI: 10.1007/978-3-030-26834-3_4
0Citations
Citations of this article
7Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Let G be a group of prime order p with a generator g. It is known that one can find x1,..., xL from gx1,..., gxL in time (Formula presented.). On the other hand, suppose that 0 ≤ x < w. Then Pollard’s kangaroo algorithm (or Pollard’s lambda algorithm) can find x from gx in time (Formula presented.). It is used in the decryption algorithm of the homomorphic encryption scheme of Boneh, Goh and Nissim. Now suppose that 0 ≤ xi < w for i=1,..., L. This paper shows that we can find x1,...,xL from gx1,...,gxL in time (Formula presented.). We further show an application of our algorithm to the model of preprocessing.

Author supplied keywords

Cite

CITATION STYLE

APA

Kurosawa, K., Ueda, A., Matsuhashi, H., & Sakagami, Y. (2019). How to solve multiple short-exponent discrete logarithm problem. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11689 LNCS, pp. 53–64). Springer Verlag. https://doi.org/10.1007/978-3-030-26834-3_4

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free