Methods to Solve Discrete Logarithm Problem for Ephemeral Keys

Abstract

The present study investigates the difficulty of solving the mathematical problem, namely DLP (Discrete Logarithm Problem) for ephemeral keys. DLP is the basis for many public key cryptosystems. The ephemeral keys are used in such systems to ensure the security. The DLP defined on a prime field Z <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">p</sub> * of random prime is considered in the present study. The most effective method to solve the DLP is the Index Calculus Method. In the present study, an efficient way of computing the DLP for ephemeral key by using a new variant of ICM when the factors of p-1 are known and small is proposed. The ICM has two steps, such as a pre-computation and an individual logarithm computation. The pre-computation step is to compute the logarithms of a subset of a group and the individual logarithm step is to find the DLP using the pre-computed logarithms. Since the ephemeral keys are dynamic and changes for every session, once the logarithms of a subset of a group is known, the DLP for the ephemeral key can be obtained using the individual logarithm step. Therefore, an efficient way of solving the individual logarithm step based on the newly proposed pre-computation method is presented and the performance is analyzed on a comprehensive set of experiments. The ephemeral keys are also solved by using other methods, which are efficient on random primes, such as Pohlig-Hellman, Var-Oorschot method and traditional individual logarithm step. The results are compared with the newly proposed individual logarithm step of ICM. Also, the DLP of ephemeral keys used in a popular password key exchange protocol known as Chang and Chang are computed and reported.