Pohlig–Hellman algorithm

Pohlig–Hellman algorithm

In mathematics, the Pohlig–Hellman algorithm is an algorithm for the computation of discrete logarithms in a multiplicative group whose order is a smooth integer. The algorithm is based on the Chinese remainder theorem.

The algorithm was discovered by Roland Silver, but first published by Stephen Pohlig and Martin Hellman (independent of Silver).

We will explain the algorithm in terms of the group formed by taking all the elements of Zp which are coprime to p, and leave it to the advanced reader to extend the algorithm to other groups by using Lagrange's Theorem.

:Input Integers "p", "g", "e".:Output Integer "x", such that "e ≡ gx (mod p)".

:#Determine the prime factorization and totient of the order of the group :

varphi(p)= p_1cdot p_2 cdot ldots cdot p_n
:#From the remainder theorem we know that "x = a1 p1 + b1". We now find the value of "b1" for which the following equation holds using a fast algorithm such as Baby-step giant-step :

egin{matrix}e^{varphi(p)/p_1} & equiv & (g^x)^{varphi(p)/p_1} pmod{p} \ & equiv & (g^{varphi(p)})^{a_1}g^{b_1varphi(p)/p_1} pmod{p} \ & equiv & (g^{varphi(p)/p_1})^{b_1} pmod{p}end{matrix} (using Euler's theorem)

Note that if g^{varphi(p)/p_1} equiv 1 pmod{p} then the order of "g" is less than φ("p") and e^{varphi(p)/p_1} mod p must be 1 for a solution to exist. In this case there will be more than one solution for "x" less than φ("p"), but since we are not looking for the whole set, we can require that "b"1=0.
The same operation is now performed for "p2" up to "pn".
A minor modification is needed where a prime number is repeated. Suppose we are seeing "pi" for the "k+1"-th time. Then we already know "ci" in the equation "x = ai pik+1 + bi pik+ci", and we find "bi" the same way as before.:#We end up with enough simultaneous congruences so that "x" can be solved using the Chinese remainder theorem.

Complexity

The time complexity of the Pohlig–Hellman algorithm is O(sqrt n) for a group of order "n", but it is more efficient if the order is smooth.


=References=
#S. Pohlig and M. Hellman. " [http://www.dtc.umn.edu/~odlyzko/doc/arch/discrete.logs.pdf An Improved Algorithm for Computing Logarithms over GF(p) and its Cryptographic Significance] ", "IEEE Transactions on Information Theory" 24 (1978), pp. 106–110.


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • Pohlig-Hellman-Algorithmus — Der Pohlig Hellman Algorithmus wurde nach den Mathematikern Stephen Pohlig und Martin Hellman benannt. Gelegentlich ist dieser Algorithmus in der Literatur auch unter dem Namen Silver Pohlig Hellman Algorithmus zu finden. Mit dem Pohlig Hellman… …   Deutsch Wikipedia

  • Silver-Pohlig-Hellman-Algorithmus — Der Pohlig Hellman Algorithmus wurde nach den Mathematikern Stephen Pohlig und Martin Hellman benannt. Gelegentlich ist dieser Algorithmus in der Literatur auch unter dem Namen Silver Pohlig Hellman Algorithmus zu finden. Mit dem Pohlig Hellman… …   Deutsch Wikipedia

  • Hellman — is the surname of: * Danny Hellman (born 1964), American illustrator and cartoonist nicknamed Dirty Danny * Frances Hellman, physicist at University of California, Berkeley * Jakob Hellman (born 1965), Swedish pop singer * Lillian Hellman… …   Wikipedia

  • Diffie–Hellman key exchange — (D–H)[nb 1] is a specific method of exchanging keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge …   Wikipedia

  • Diffie-Hellman key exchange — (D H) is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications… …   Wikipedia

  • Martin Hellman — Martin Edward Hellman Born October 2, 1945 (1945 10 02) (age 66) …   Wikipedia

  • Multiplication algorithm — A multiplication algorithm is an algorithm (or method) to multiply two numbers. Depending on the size of the numbers, different algorithms are in use. Efficient multiplication algorithms have existed since the advent of the decimal system.… …   Wikipedia

  • Cipolla's algorithm — In computational number theory, Cipolla s algorithm is a technique for solving a congruence of the form x2 = n, where , so n is the square of x, and where p is an odd prime. Here denotes the finite field with p elements; . Th …   Wikipedia

  • Williams' p + 1 algorithm — In computational number theory, Williams p + 1 algorithm is an integer factorization algorithm, one of the family of algebraic group factorisation algorithms. It was invented by Hugh C. Williams in 1982. It works well if the number N to be… …   Wikipedia

  • Cornacchia's algorithm — In computational number theory, Cornacchia s algorithm is an algorithm for solving the Diophantine equation x2 + dy2 = m, where and d and m are coprime. The algorithm was described in 1908 by Giuseppe Cornacchia[1]. Contents 1 The algorithm …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”