On the discrete logarithm problem for prime-field elliptic curves

• Published in: Finite fields and their applications Vol. 51; pp. 168 - 182
• Main Authors: Amadori, Alessandro, Pintore, Federico, Sala, Massimiliano
• Format: Journal Article
• Language: English
• Published: Elsevier Inc 01.05.2018
• Subjects: Discrete logarithm problem (DLP); Elliptic curve; Groebner basis; Prime field; Summation polynomials; Summation polynomials; 14G15; 11T71; 11Y16; Prime field; Groebner basis; 13P10; 14H52; Elliptic curve; 11G20; Discrete logarithm problem (DLP)
• ISSN: 1071-5797; 1090-2465; 1090-2465
• DOI: 10.1016/j.ffa.2018.01.009

•A new index calculus for the Elliptic Curve Discrete Logarithm Problem is proposed.•The algorithm works for any finite field and it exploits summation polynomials.•Just one relation among points of the factor base needs to be found.•The linear algebra step is avoided.•Its improvement is evident for the prime-field case. In recent years several papers have appeared that investigate the classical discrete logarithm problem for elliptic curves by means of the multivariate polynomial approach based on the celebrated summation polynomials, introduced by Semaev in 2004. With a notable exception by Petit et al. in 2016, all numerous papers on the subject have investigated only the composite-field case, leaving apart the laborious prime-field case. In this paper we propose a variation of Semaev's original approach that reduces to only one the relations to be found among points of the factor base, thus decreasing drastically the necessary Groebner basis computations. Our proposal holds for any finite field but it is particularly suitable for the prime-field case, where it outperforms both the original Semaev's method and the specialised algorithm by Petit et al..