Reynald Lercier

In this paper, we study several variations of the number field sieve to compute discrete logarithms in finite fields of the form F_{p^n}, with p a medium to large prime. We show that when n is not too large, this yields a L_{p^n}(1/3) algorithm with efficiency similar to that of the regular number field sieve over prime fields. This approach complements the recent …
In this paper, we describe many improvements to the number field sieve. Our main contribution consists of a new way to compute individual logarithms with the number field sieve without solving a very large linear system for each logarithm. We show that, with these improvements, the number field sieve outperforms the Gaussian integer method in the hundred …
In this paper, we describe improvements to the function field sieve (FFS) for the discrete logarithm problem in F_{p^n}, when p is small. Our main contribution is a new way to build the algebraic function fields needed in the algorithm. With this new construction, the heuristic complexity is as good as the complexity of the construction proposed by Adleman and …
Cryptographic schemes using elliptic curves over finite fields require the computation of the cardinality of the curves. Dramatic progress has been achieved recently in that field by various authors. The aim of this article is to highlight part of these improvements and to describe an efficient implementation of them in the particular case of the fields GF(2^n), …
We revisit the randomized approach followed in the design of the RMAC message authentication code in order to construct a MAC with similar properties, but based on Wegman-Carter's ε-universal hash families instead of a classical CBC chain. This yields a new message authentication code called FRMAC whose security bounds are, as in RMAC, beyond the birthday …
Contrary to what happens over prime fields of large characteristic, the main cost when counting the number of points of an elliptic curve E over F_{2^n} is the computation of isogenies of prime degree ℓ. The best method so far is due to Couveignes and needs asymptotically O(ℓ^3) field operations. We outline in this article some nice properties satisfied by these …
In this paper, we present a new fault attack on elliptic curve scalar product algorithms. This attack is tailored to work on the classical Montgomery ladder method when the y-coordinate is not used. No weakness has been reported so far on such implementations, which are very efficient and were promoted by several authors. But taking into account the twist …
This paper extends Joux-Naccache-Thomé's e-th root algorithm to the static Diffie-Hellman problem (sdhp). The new algorithm can be adapted to diverse finite fields by customizing it with an nfs-like core or an ffs-like core. In both cases, after a number of non-adaptive sdhp oracle queries, the attacker builds up the ability to solve new sdhp instances …
We construct two new families of bases for finite field extensions. Bases in the first family, the so-called elliptic bases, are not quite normal bases, but they allow very fast Frobenius exponentiation while preserving sparse multiplication formulas. Bases in the second family, the so-called normal elliptic bases, are normal bases and allow fast …