Performance Comparison of Linear Sieve and Cubic Sieve Algorithms for Discrete Logarithms over Prime Fields

  • Abhijit Das
  • C. E. Veni Madhavan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1741)


It is of interest in cryptographic applications to obtain practical performance improvements for the discrete logarithm problem over prime fields \( \mathbb{F}_p \) with p of size ≤ 500 bits. The linear sieve and the cubic sieve methods described in Coppersmith, Odlyzko and Schroeppel’s paper [3] are two practical algorithms for computing discrete logarithms over prime fields. The cubic sieve algorithm is asymptotically faster than the linear sieve algorithm.

We discuss an efficient implementation of the cubic sieve algorithm incorporating two heuristic principles. We demonstrate through empirical performance measures that for a special class of primes the cubic sieve method runs about two to three times faster than the linear sieve method even in cases of small prime fields of size about 150 bits.




  1. Bressoud, D.M.: Factorization and Primality Testing, UTM, Springer-Verlag, 1989.
  2. Cohen, H.: A course in computational algebraic number theory, GTM 138, Springer-Verlag, 1993.
  3. Coppersmith, D., Odlyzko, A.M., Schroeppel, R.: Discrete logarithms in GF(p), Algorithmica 1 (1986), 1–15.
  4. Das, A., Veni Madhavan, C.E.: Galois field library: Reference manual, Technical report No. IISc-CSA-98-05, Department of Computer Science and Automation, Indian Institute of Science, Feb 1998.
  5. Gerver, J.: Factoring large numbers with a quadratic sieve, Math. Comp. 41 (1983), 287–294.
  6. Gordon, D.M.: Discrete logarithms in GF(p) using the number field sieve, SIAM Journal of Discrete Mathematics 6 (1993), 124–138.
  7. LaMacchia, B.A., Odlyzko, A.M.: Computation of discrete logarithms in prime fields, Designs, Codes, and Cryptography 1 (1991), 46–62.
  8. LaMacchia, B.A., Odlyzko, A.M.: Solving large sparse linear systems over finite fields, Advances in Cryptology-CRYPTO’90, A. J. Menezes and S. A. Vanstone (eds.), LNCS 537 (1991), Springer-Verlag, 109–133.
  9. McCurley, K.S.: The discrete logarithm problem, Cryptology and Computational Number Theory, Proc. Symp. in Appl. Math. 42 (1990), 49–74.
  10. Menezes, A.J., ed.: ‘Applications of finite fields’, Kluwer Academic Publishers, 1993.
  11. Odlyzko, A.M.: Discrete logarithms and their cryptographic significance, Advances in Cryptology: Proceedings of Eurocrypt’84, LNCS 209 (1985), Springer-Verlag, 224–314.
  12. Schirokauer, O., Weber, D., Denny, T.: Discrete logarithms: the effectiveness of the index calculus method, Proc. ANTS II, LNCS 1122 (1996), Springer-Verlag, 337–361.
  13. Silverman, R.D.: The multiple polynomial quadratic sieve, Math. Comp. 48 (1987), 329–339.
  14. Weber, D.: Computing discrete logarithms with the general number field sieve, Proc. ANTS II, LNCS 1122 (1996), Springer-Verlag, 99–114.
  15. Weber, D., Denny, T.: The solution of McCurley’s discrete log challenge, Crypto’98, LNCS 1462 (1998), Springer-Verlag, 458–471.

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Abhijit Das (1)
  • C. E. Veni Madhavan (1)
  1. Department of Computer Science and Automation, Indian Institute of Science, Bangalore, India
