Abstract
The discrete logarithm problem modulo a composite—abbreviate it as DLPC—is the following: given a (possibly) composite integer n ≥ 1 and elements \({a, b \in \mathbb{Z}_n^*}\), determine an \({x \in \mathbb{N}}\) satisfying a x = b if one exists. The question whether integer factoring can be reduced in deterministic polynomial time to the DLPC remains open. In this paper we consider the problem \({{\rm DLPC}_\varepsilon}\) obtained by adding in the DLPC the constraint \({x\le (1-\varepsilon)n}\), where \({\varepsilon}\) is an arbitrary fixed number, \({0 < \varepsilon\le\frac{1}{2}}\). We prove that factoring n reduces in deterministic subexponential time to the \({{\rm DLPC}_\varepsilon}\) with \({O_\varepsilon((\ln n)^2)}\) queries for moduli less or equal to n.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
L. M. Adleman & K. S. McCurley (1994). Open problems in number theoretic complexity II. In: Algorithmic Number Theory, First International Symposium, ANTS-I, Ithaca, NY, USA, 291–322. Springer-Verlag.
E. Bach (1984). Discrete logarithms and factoring. Technical Report UCB/CSD-84-186, EECS Department, University of California, Berkeley. http://www.eecs.berkeley.edu/Pubs/TechRpts/1984/5973.html.
Coppersmith D. (1997) Small solutions to polynomial equations and low exponent RSA vulnerabilities. Journal of Cryptology 10: 233–260
Coron J.-S., May A. (2007) Deterministicpolynomial-time equivalence of computing the RSA secret key and factoring. Journal of Cryptology 20: 39–50
Gordon D.M. (1993) Discrete logarithms in GF(p) using the number field sieve. SIAM Journal on Discrete Mathematics 6: 124–138
A. K. Lenstra & H. W. Lenstra (editors) (1993). The development of the number field sieve, volume 1554. Lecture Notes in Mathematics. Springer-Verlag.
Lenstra A.K., Lenstra H.W., Lovász L. (1982) Factoring polynomials with rational coefficients. Mathematische Annalen 261: 515–534
McCurley K.S. (1988) A key distribution system equivalent to factoring. Journal of Cryptology 1: 95–105
J. McKee & R. Pinch (1996). Old and new deterministic factoring algorithms. In: Algorithmic Number Theory, Second International Symposium, ANTS-II, Talence, France, 217–224. Springer-Verlag.
Źrałek B. (2010) A deterministic version of Pollard’s p−1 algorithm. Mathematics of Computation 79: 513–533
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Pomykała, J., Źrałek, B. On reducing factorization to the discrete logarithm problem modulo a composite. comput. complex. 21, 421–429 (2012). https://doi.org/10.1007/s00037-012-0037-5
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00037-012-0037-5
Keywords
- Integer factorization
- discrete logarithm problem modulo a composite
- deterministic subexponential time reduction