Abstract
A low Hamming weight product (LHWP) exponent is used to increase the efficiency of cryptosystems based on the discrete logarithm problem (DLP). In this paper, we introduce a new tool, called a Parameterized Splitting System, to analyze the security of the DLP with LHWP exponents.We apply a parameterized splitting system to attack the GPS identification scheme modified by Coron, Lefranc and Poupard in CHES’05 and obtain an algorithm of 261.6 time complexity which was expected to be 278. Also a parameterized splitting system can be used to solve the DLP with a LHWP exponent proposed by Hoffstein and Silverman in 254.51 time complexity, that is smaller than 259 in the recent Cheon-Kim attack.KeywordsDiscrete Logarithm Problem with Low Hamming Weight Product (LHWP) ExponentsParameterized Splitting Systems
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call