Discrete Log Problem

Discrete log problem

Given any group$G$and elements$a,b$such that $a^n=b$, the problem of solving for$n$is known as the disctete log problem (DLP). In sage, this can be done for general groups by calling discrete_log

Discrete log over

Typically, one considers the discrete log problem in , i.e. the multiplicative group of integers. Explicitly, the problem asks forgiven . This can be done by calling b.log(a) in sage:

This section is devoted to helping the reader understand which functions are called when for this specific instance of DLP.

Whenis composite and not a prime power, discrete_log() will be used, which uses generic algorithms to solve DLP (e.g. Pohlig-Hellman and baby-step giant-step).

When is a prime, Pari znlog will be used, which uses a linear sieve index calculus method, suitable for .

When , SageMath will fall back on the generic implementation discrete_log()which can be slow. However, Pari znlog can handle this as well, again using the linear sieve index calculus method. To call this within SageMath we can use either of the following (the first option being a tiny bit faster than the second)

Example

Given a small prime, we can compare the Pari method with the Sage defaults

We can also solve this problem with even larger primes in a very short time

Discrete log over

// elliptic curve discrete log functions