Comment by pestatije
12 hours ago
there must be tons of functions that are easy to process one way but almost impossible the other.
i get the feeling there is more to it than finding such a function, but the article doesnt get into that
12 hours ago
there must be tons of functions that are easy to process one way but almost impossible the other.
i get the feeling there is more to it than finding such a function, but the article doesnt get into that
You also need the group structure, ie. a(bG) = b(aG) = (ab)G.
But AFAICT, elliptic curve groups really are the best known groups where DH is hard. The "Why curves win" section talks about it terms of key size, but the reason other groups require larger keys is they have some kind of structure which can be exploited to attack the "hard" direction (eg. in a finite field, the ability to factor over primes can be used to solve discrete logs), so the group size has to go up to compensate.
Would there not be an infinite number?
You can make as many slight variations as you want by creating a specific instantiation of a hard problem with different constants. But we don't know how many meaningfully different hard problems exist.
These are problems that have been studied for many years, that are more-or-less central to mathematics, and where we have good reason to think that an efficient solution would be extremely surprising.
If you have much lower standards, there's going to be infinely many that I can't personally solve. Or if you have impractically high standards, there could be zero hard problems, if they just so happen to all have efficient solutions that we haven't found yet. We can't formally prove any of these are hard.
I'd be very surprised if the number of meaningfully hard problems is capable of being bounded. As a proposition it feels opposite to almost everything else we believe about numbers. But, that's just my naieve view.
1 reply →