----- Original Message ----- From: "NOP" <[EMAIL PROTECTED]> To: "Derek Atkins" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, March 14, 2003 9:32 PM Subject: Re: Diffie-Hellman 128 bit
> Well, I'm attacking a protocol, I know the rules of DH parameters, and the > issue here is I'm trying to solve x, brute forcing that in the 128 bit range > can be difficult, and x doesn't have to be a prime. (a = g^x mod P). Their > primes are 128 bit primes, as well as their pubkeys, I've done some tests on > their prime, and all perform under this method of (p-1)/2 = prime. This > eliminates the pohlig-hellman discrete logarithm attack, but I'm trying to > learn the Gaussian integer method. Sorry, I mentioned using NFS in my previous reply, which is probably not the way you want to go about this (since it's not as efficient for small values and more complicated to code). Index-Calculus with Gaussian integers is indeed a good way. You can look at the paper from LaMacchia and Odlyzko http://citeseer.nj.nec.com/lamacchia91computation.html which Derek and maybe someone else pointed out.. They easily calculated discret logs modulo a 192-bit integer. --Anton --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]