Attack against factorization of $p-1$ of $\mathbb{Z}_p^*$ group

Asked Jan 23 '19 at 14:22

Active Jan 23 '19 at 14:22

Viewed 66 times

It is said that for the group $\mathbb{Z}_p^*$, the factorization of $p-1$, is critical.

If $p-1$ has some small factors $q_1, q_2, q_3, q_4$, then when we transmit $g^x \bmod p$ where $g$ is a generator of this group, the attacker can derive $x \bmod q_1q_2q_3q_4$

How does it happen?

Can someone please provide a practical example, say for $p = 29$, where $p$ is prime but $p-1$ has a bunch of small factors?

asked Jan 23 '19 at 14:22

omnomnom

3

Have you looked at the Pohling-Hellman algorithm? Any remaining question after that? – fgrieu Jan 23 '19 at 14:59
You can easily find example. Take a look at this answer for instance. – Faulst Jan 25 '19 at 18:15

Attack against factorization of $p-1$ of $\mathbb{Z}_p^*$ group

0 Answers0