Skip to main content
Cryptography

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

12
  • $\begingroup$ I do not see how to solve DLog if you know how to fine $y\bmod 3$. Could you please explain a bit? $\endgroup$ Commented Apr 23, 2017 at 17:31
  • $\begingroup$ @Turbo: well, you would find $y \bmod 3$, and then compute $h' = (h g^{-(y \bmod 3)})^{3^{-1} \bmod q} = g^{\lfloor y/3\rfloor}$ ($q$ is the size of the group). Then, giving $h'$ to the Oracle will give the next ternary digit, and repeat until you've read the entire value of $y$ in ternary. $\endgroup$ Commented Apr 23, 2017 at 17:36
  • $\begingroup$ you mean $\bmod (p-1)$ instead of $\bmod (q-1)$? $\endgroup$ Commented Apr 23, 2017 at 17:42
  • $\begingroup$ @Turbo: I mean the size of the group; I tried to edit it to be $p-1$, but the 5 minutes edit limit had passed... $\endgroup$ Commented Apr 23, 2017 at 17:43
  • $\begingroup$ are there discrete logarithm schemes where even the last bit is secure? Or is that bit always insecure? $\endgroup$ Commented Jun 2, 2017 at 1:40