Abstract

In discrete logarithm based cryptography, a method by Pohlig and Hellman allows solving the discrete logarithm problem efficiently if the group order is known and has no large prime factors. The consequence is that such groups are avoided. In the past, there have been proposals for cryptography based on cyclic infrastructures. We will show that the Pohlig-Hellman method can be adapted to certain cyclic infrastructures, which similarly implies that certain infrastructures should not be used for cryptography. This generalizes a result by Müller, Vanstone and Zuccherato for infrastructures obtained from hyperelliptic function fields. We recall the Pohlig-Hellman method, define the concept of a cyclic infrastructure and briefly describe how to obtain such infrastructures from certain function fields of unit rank one. Then, we describe how to obtain cyclic groups from discrete cyclic infrastructures and how to apply the Pohlig-Hellman method to compute absolute distances, which is in general a computationally hard problem for cyclic infrastructures. Moreover, we give an algorithm which allows one to test whether an infrastructure satisfies certain requirements needed for applying the Pohlig-Hellman method, and discuss whether the Pohlig-Hellman method is applicable in infrastructures obtained from number fields. Finally, we discuss how this influences cryptography based on cyclic infrastructures.

Highlights

  • Since the advent of cryptographic protocols such as the Diffie-Hellman key exchange protocol and ElGamal encryption, the security of many cryptographic protocols is based on the hardness of the discrete logarithm problem: given h, an element of a finite cyclic group generated by g, find an integer n ∈ N such that g^n = h

  • There have been proposals for cryptography based on cyclic infrastructures

  • We will show that the Pohlig-Hellman method can be adapted to certain cyclic infrastructures, which implies that certain infrastructures should not be used for cryptography
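The Pohlig-Hellman method in an ordinary cyclic group, as the abstract summarises it, shown here as an added example that is not code from the paper: it solves g^x = h in (Z/pZ)* one prime-power factor of p-1 at a time and recombines the partial logarithms with the Chinese remainder theorem, so its cost is governed by the largest prime factor of the group order. The prime and base used to exercise it are constructed sample values, and the brute-force step inside each small subgroup stands in for baby-step giant-step.

```python
def factor_trial(n):
    """Return {prime: exponent} for n by trial division (fine for small n)."""
    factors, d = {}, 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors

def dlog_brute(g, h, q, p):
    """Brute-force x in [0, q) with g^x = h mod p; only used for a small prime q."""
    cur = 1
    for x in range(q):
        if cur == h:
            return x
        cur = cur * g % p
    raise ValueError("h is not a power of g")

def dlog_prime_power(g, h, q, e, p):
    """g has order q^e mod p; recover x with g^x = h one base-q digit at a time."""
    m, x = q ** e, 0
    gamma = pow(g, m // q, p)  # element of order q
    for k in range(e):
        # strip the digits already known, then project onto the order-q subgroup
        hk = pow(h * pow(g, -x, p) % p, m // q ** (k + 1), p)
        x += dlog_brute(gamma, hk, q, p) * q ** k
    return x

def crt(residues):
    """Combine (x_i, m_i) pairs with pairwise coprime moduli m_i."""
    x, m = 0, 1
    for r, mod in residues:
        x += m * ((r - x) * pow(m, -1, mod) % mod)
        m *= mod
    return x % m

def pohlig_hellman(g, h, p):
    """Added example (not the paper's code): log of h to base g in (Z/pZ)*; assumes g generates the group."""
    n = p - 1
    residues = []
    for q, e in factor_trial(n).items():
        m = q ** e
        # project g and h into the subgroup of order q^e and solve there
        gq, hq = pow(g, n // m, p), pow(h, n // m, p)
        residues.append((dlog_prime_power(gq, hq, q, e, p), m))
    return crt(residues)
```

The same structure is why a defender checks that the group order has a large prime factor before deploying a discrete-log based scheme: with p-1 = 96 = 2^5 * 3 the brute-force step never has to search more than three candidates.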


Summary

Introduction

Shanks in 1972 [28], called the infrastructure of a real quadratic number field. This structure behaves similarly to finite cyclic groups, with the main difference that the operation corresponding to multiplication is not associative. The key exchange protocol for infrastructures was refined [13, 12] and extended to real quadratic function fields [26, 10]. The security of these protocols is mostly based on the fact that computing distances in infrastructures is, in general, assumed to be hard. As the problem of computing distances in infrastructures is related (see Section 5) to the problem of computing discrete logarithms in finite cyclic groups, one has to ask whether the idea of Pohlig-Hellman can be applied in this setting.

Cyclic infrastructures
Obtaining cyclic groups from discrete cyclic infrastructures
Pohlig-Hellman in groups
Pohlig-Hellman in discrete infrastructures
Testing for smooth circumference
Pohlig-Hellman and infrastructures based on number fields
Conclusion