Solving a DLP with auxiliary input with the ρ-algorithm

Yumi Sakemi, Tetsuya Izu, Masahiko Takenaka, Masaya Yasuda

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)


The discrete logarithm problem with auxiliary input (DLPwAI) is a problem to find a positive integer α from elements G, αG, α d G in an additive cyclic group generated by G of prime order r and a positive integer d dividing r -1. In 2011, Sakemi et al. implemented Cheon's algorithm for solving DLPwAI, and solved a DLPwAI in a group with 128-bit order r in about 131 hours with a single core on an elliptic curve defined over a prime finite field which is used in the TinyTate library for embedded cryptographic devices. However, since their implementation was based on Shanks' Baby-step Giant-step (BSGS) algorithm as a sub-algorithm, it required a large amount of memory (246 GByte) so that it was concluded that applying other DLPwAIs with larger parameter is infeasible. In this paper, we implemented Cheon's algorithm based on Pollard's ρ-algorithm in order to reduce the required memory. As a result, we have succeeded solving the same DLPwAI in about 136 hours by a single core with less memory (0.5 MByte).

Original languageEnglish
Title of host publicationInformation Security Applications - 12th International Workshop, WISA 2011, Revised Selected Papers
Number of pages11
Publication statusPublished - 2012
Externally publishedYes
Event12th International Workshop on Information Security Applications, WISA 2011 - Jeju Island, Korea, Republic of
Duration: Aug 22 2011Aug 24 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7115 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other12th International Workshop on Information Security Applications, WISA 2011
Country/TerritoryKorea, Republic of
CityJeju Island

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Solving a DLP with auxiliary input with the ρ-algorithm'. Together they form a unique fingerprint.

Cite this