Remarks on Cheon's Algorithms for Pairing-Related Problems.

In EUROCRYPT 2006, Cheon proposed breakthrough algorithms for pairing-related problems such as the q-weak/strong Diffie-Hellman problem. Using that the exponents of an element in an abelian group G of prime order p form the ring Z/pZ structure even if G is a generic group, Cheon's algorithms reduce their complexity by Pohlig-Hellman like method over (Z/pZ)* or its extension. The algorithms are more efficient than solving the relative discrete logarithm problems in certain cases. This paper shows that Cheon's algorithms are faster than the result obtained by the complexity analysis in Cheon's paper, i.e. the algorithms can be done within $O( \sqrt{p/d} + \sqrt{d} )$ group operations, where d is a positive divisor of p − 1 with d ≤ q or a positive divisor of p + 1 with 2d ≤ q, instead of $O( \log p ( \sqrt{p/d} + \sqrt{d} ) )$ group operations shown by Cheon. This paper also shows an improvement of one of the algorithms for q-weak Diffie-Hellman problem. The improvement can be done within $O( \epsilon \sqrt{p/d} )$ group operations, where ε =  min ( 2/(1 − logpd), logp ). Moreover, this paper discusses how to choose the group order so that the algorithms are inefficient and also shows a condition for the group order and the probability that an order satisfies the condition. [ABSTRACT FROM AUTHOR]