The new algorithm can be adapted to diverse finite fields by customizing it with an {\sc nfs}-like core or an {\sc ffs}-like core.
In both cases, after a number of {\sc sdhp} oracle queries, the attacker builds-up the ability to solve new {\sc sdhp} instances {\sl unknown before the query phase}.
While sub-exponential, the algorithm is still significantly faster than all currently known {\sc dlp} and {\sc sdhp} resolution methods.
We explore the applicability of the technique to various cryptosystems.
The attacks were implemented in ${\mathbb F}_{2^{1025}}$ and also in ${\mathbb F}_{p}$, for a $516$-bit $p$.
Category / Keywords: public-key cryptography / DLP, SDH, oracle, NFS, FFS Date: received 14 May 2008 Contact author: david at naccache fr Available formats: PDF | BibTeX Citation Version: 20080523:071732 (All versions of this report) Discussion forum: Show discussion | Start new discussion