|
|
|
|
|
|
by plopilop
2156 days ago
|
|
|
Big mistake in the article: the discrete log is not a trapdoor function, as far as we know, and elliptic curve crypto does not rely on trapdoors. A trapdoor function is when you have a function hard to invert (for any x, given y = f(x), find x), which inversion becomes very easy once you know some additional info.
For instance in RSA, given c = m^e mod N, it is hard to find m. Unless you know d such that e*d = 1 mod phi(N), then you can easily find m by computing m = c^d mod N. There is no known way of easily inverting exponentiation on finite groups. To quote Wikipedia, "Functions related to the hardness of the discrete logarithm problem [...] are not known to be trapdoor functions, because there is no known "trapdoor" information about the group that enables the efficient computation of discrete logarithms. " |
|
|