Cryptology ePrint Archive: Report 2013/306

Solving a $6120$-bit DLP on a Desktop Computer

Faruk Golouglu and Robert Granger and Gary McGuire and Jens Zumbragel

Abstract: In this paper we show how some recent ideas regarding the discrete logarithm problem (DLP) in finite fields of small characteristic may be applied to compute logarithms in some very large fields extremely efficiently. By combining the polynomial time relation generation from the authors' CRYPTO 2013 paper, an improved degree two elimination technique, and an analogue of Joux's recent small-degree elimination method, we solved a DLP in the record-sized finite field of $2^{6120}$ elements, using just a single core-month. Relative to the previous record set by Joux in the field of $2^{4080}$ elements, this represents a $50\%$ increase in the bitlength, using just $5\%$ of the core-hours. We also show that for the fields considered, the parameters for Joux's $L_Q(1/4 + o(1))$ algorithm may be optimised to produce an $L_Q(1/4)$ algorithm.

Category / Keywords: public-key cryptography / Discrete logarithm problem, binary finite fields

Original Publication (in the same form): T. Lange, K. Lauter, and P. Lisonek (Eds.): SAC 2013, LNCS 8282, pp. 136152, 2014
DOI:
10.1007/978-3-662-43414-7_7

Date: received 21 May 2013, last revised 25 Jan 2019

Contact author: dr robert granger at gmail com

Available format(s): PDF | BibTeX Citation

Note: Final published version.

Version: 20190125:124935 (All versions of this report)

Short URL: ia.cr/2013/306


[ Cryptology ePrint archive ]