Complexity news / Also somewhat related: discrete logarithms in small-characteristic finite fields (PowerPoint PPT presentation)


  Slide 1.

  Complexity news: I'm starting to analyze cost of NFS + CVP for class groups, unit groups, short generators of ideals, etc.; exploiting subfields (find short norms first), small Galois groups, etc. Anyone else working on this? Cryptanalytic applications: attack NTRU, Ring-LWE, FHE. I think NTRU should switch to random prime-degree extensions with big Galois groups.

  Also somewhat related: discrete logarithms in multiplicative groups of small-characteristic finite fields, the algorithm of Barbulescu, Gaudry, Joux, Thomé.

  D. J. Bernstein, University of Illinois at Chicago & Technische Universiteit Eindhoven

  Advertisement, maybe related: iml.univ-mrs.fr/ati/geocrypt2013/ 2013.10.07–11, Tahiti. Submit talks this month!

  Slides 2–5. Discrete logarithms

  Goal: Compute some group isomorphism $\mathbb{F}_q^* \to \mathbb{Z}/(q-1)$, $\mathbb{F}_q^*$ represented in the usual way. Algorithm input: $h_1, h_2, \ldots \in \mathbb{F}_q^*$. Algorithm output: $\log_g h_1, \log_g h_2, \ldots \in \mathbb{Z}/(q-1)$ for some $g$. "$\log_g$" means the isomorphism $g \mapsto 1$, if it exists.

  Slides 6–9. "Generic" $\log_g$ algorithms: on average $q^{1/2+o(1)}$ operations uniform, $q^{1/3+o(1)}$ non-uniform. Want something faster.

  Slide 10. "Basic index calculus": 1968 Western–Miller, 1979 Merkle, 1979 Adleman, 1983 Hellman–Reyneri, 1984 Blake–Fuji-Hara–Mullin–Vanstone, 1985 ElGamal, 1986 Coppersmith–Odlyzko–Schroeppel, 1991 LaMacchia–Odlyzko, 1993 Adleman–DeMarrais, 1995 Semaev, 1998 Bender–Pomerance.

  Slides 11–12. "NFS" (as far as the slide text survives): 1991 Gordon, 1993 Schirok…, 1996 Schirok…, Odlyzko, 1996 Weber–Denny, 1998 Weber–Denny, … Joux–Lercier, 2006 Joux–Lercier–Smart–Vercauteren.

  "FFS" (as far as the slide text survives): 1984 Coppersmith, Coppersmith–Davenp…, Odlyzko, 1990 McCurley, Gordon–McCurley, 1999 Adleman–Huang, Joux–Lercier, 2006 …, 2010/2012 Hayashi–Shinoha…–Wang–Matsuo–Shirase–T….
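The "Goal" and "Generic algorithms" slides above define $\log_g$ as the isomorphism $\mathbb{F}_q^* \to \mathbb{Z}/(q-1)$ with $g \mapsto 1$, and quote $q^{1/2+o(1)}$ operations for generic algorithms. The following is an added example, not code from the slides or from Bernstein: a textbook generic algorithm (Shanks' baby-step giant-step) for the prime-field case $q = p$, together with a check that the computed $\log_g$ really is a homomorphism sending $g$ to $1$, and a None result for the "if it exists" case where $h$ lies outside the subgroup generated by $g$. The prime $p = 1019$ and all inputs are constructed for illustration.

```python
# Added example, not from the slides: a textbook "generic" discrete-logarithm
# algorithm (baby-step giant-step, Shanks) for the prime-field case q = p,
# plus a check that log_g behaves as the group isomorphism F_p^* -> Z/(p-1)
# sending g to 1.  All numbers below are constructed for illustration;
# p = 1019 is a small prime chosen so the run is instant.
from math import isqrt


def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, r = [], 2
    while r * r <= n:
        if n % r == 0:
            factors.append(r)
            while n % r == 0:
                n //= r
        r += 1
    if n > 1:
        factors.append(n)
    return factors


def is_generator(g, p):
    """True iff g generates F_p^*: g^((p-1)/r) != 1 for every prime r | p-1."""
    n = p - 1
    return g % p != 0 and all(pow(g, n // r, p) != 1 for r in prime_factors(n))


def bsgs_log(g, h, p):
    """Return x in Z/(p-1) with g^x = h (mod p), or None if h is not in <g>.

    Baby-step giant-step: write x = i*m + j with m = ceil(sqrt(p-1)).
    Cost is about 2m ~ 2*sqrt(p) multiplications and m table entries, the
    q^(1/2+o(1)) "generic" behaviour the slides mention.
    """
    n = p - 1                       # order of F_p^*
    m = isqrt(n) + 1                # m*m > n, so every x < n has the form i*m + j
    baby = {}                       # g^j -> j for 0 <= j < m
    cur = 1
    for j in range(m):
        baby.setdefault(cur, j)     # keep the smallest j for each value
        cur = cur * g % p
    g_minus_m = pow(g, -m, p)       # g^(-m) mod p (Python >= 3.8)
    cur = h % p
    for i in range(m):              # invariant: cur = h * g^(-i*m)
        if cur in baby:
            return (i * m + baby[cur]) % n
        cur = cur * g_minus_m % p
    return None                     # no collision: h is outside the subgroup <g>


def check_isomorphism(g, p, pairs):
    """Check log_g g = 1 and log_g(h1*h2) = log_g h1 + log_g h2 mod (p-1)
    on the given pairs; False if any of the logarithms does not exist."""
    n = p - 1
    if bsgs_log(g, g, p) != 1 % n:
        return False
    for h1, h2 in pairs:
        a = bsgs_log(g, h1, p)
        b = bsgs_log(g, h2, p)
        c = bsgs_log(g, h1 * h2 % p, p)
        if None in (a, b, c) or (a + b) % n != c:
            return False
    return True


if __name__ == "__main__":
    p = 1019                                     # constructed toy prime
    print("2 generates F_p^*:", is_generator(2, p))
    print("log_2(2^777):", bsgs_log(2, pow(2, 777, p), p))
    print("log_4(2) exists:", bsgs_log(4, 2, p) is not None)
    print("isomorphism checks:", check_isomorphism(2, p, [(3, 5), (100, 200)]))
```

With $p = 1019$ we have $p - 1 = 2 \cdot 509$; $2$ is a generator, so every logarithm base $2$ exists, while $4 = 2^2$ generates only the index-2 subgroup, so `bsgs_log(4, 2, p)` correctly reports that $\log_4 2$ does not exist. The table size and loop counts both grow like $\sqrt{p}$, which is exactly why the slides want something faster than generic methods for the field sizes that matter in practice.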
