Subject: Discussion related to cado-nfs
List archive
- From: Pierrick Gaudry <pierrick.gaudry@loria.fr>
- To: Tiffany <bcjzyyyhtw@outlook.com>
- Cc: "cado-nfs@inria.fr" <cado-nfs@inria.fr>
- Subject: Re: [cado-nfs] solving DLP in GF(p) with ell^2 divides p-1 using CADO-NFS
- Date: Fri, 18 Apr 2025 08:28:56 +0200
- Authentication-results: mail2-relais-roc.national.inria.fr; dkim=none (message not signed) header.i=none
Dear Tiffany,
Thank you for point to the old message of 2019, where I concluded with:
"It might be easy, but maybe not."
It turned out not to be easy, and was never fixed.
I vaguely remember discussing with Emmanuel Thomé, and that the outcome
was that this would require defining Shirokauer maps in a different way
that what we do. So, the plan would be:
- Do some theory to define the appropriate number-theoretic tool;
- Turns this into an efficient algorithm;
- Implement!
I really think that this is feasible, but there needs to be some use case
to motivate this research. If so, I think that it could be a nice project
for a PhD student who is fluent enough with NFS and the underlying
mathematical theory. In any case, this would take time and there is no
current plan for doing it.
So, in summary, the short answer is "Sorry, your use case is not
supported, and there is no plan to support it."
Best regards,
Pierrick
On Fri, Apr 18, 2025 at 04:54:31AM +0000, T iffany wrote:
> Hi,
> I am currently working on solving a discrete logarithm problem in the
> finite field GF(p), where the prime p satisfies the relation p−1=16q^2 with
> q also being prime. the command I use is:
>
> *
> [https://file+.vscode-resource.vscode-cdn.net/d%3A/CTF_challs/pytools/useful%20tools/cado-nfs.py]./cado-nfs.py
> -dlp -ell 10939385599812931291
> target=1520104544106795253621809691052117121393
> 1914722516822312424274313822430190826897
>
> And here target satisfy target^q=1 (mod p). When I attempt to solve this
> DLP using CADO-NFS, the result I obtain is 0:
>
> *
> Info:root: logbase = 1445716020256136655461963773328391563938
> *
> Info:root: target = 1520104544106795253621809691052117121393
> *
> Info:root: log(target) = 0 mod ell
>
> After researching this issue, I came across a similar question raised in
> the mailing list archives from August 2019 "[Cado-nfs-discuss] DLP in GF(p)
> turns out to be 0".
> I would like to ask:
>
> 1.
> Was the issue mentioned in that discussion eventually resolved?
> 2.
> If so, is there a specific way to configure or use CADO-NFS to correctly
> handle such a case?
>
> Any guidance or suggestions would be greatly appreciated. Thank you very
> much for your time and for your work on this great tool.
> Best regards,
> Tiffany
>
- [cado-nfs] solving DLP in GF(p) with ell^2 divides p-1 using CADO-NFS, T iffany, 04/18/2025
- Re: [cado-nfs] solving DLP in GF(p) with ell^2 divides p-1 using CADO-NFS, Pierrick Gaudry, 04/18/2025
Archive powered by MHonArc 2.6.19+.