Computing small discrete logarithms using optimized lookup tables

In our previous work Crux , we used an additively homomorphic elliptic-curve cryptosystem, based on El Gamal, to compute privacy-preserving statistics for the Tor network [4]. The decryption algorithm of our cryptographic scheme required the computation of a small discrete logarithm (DL). For small values, the computation of the DLP should have been trivial as an exhaustive search would quickly retrieve the correct result. However, in our case the discrete logarithms ended up being quite large and an exhaustive search proved to be quite slow for reallife applications. In this work, we investigate an alternative approach, which uses an optimized lookup table of precomputed discrete logarithms. More specifically, we use a non-exhaustive lookup table to assist and speed up the computation of the small discrete logarithms. Similar approaches have been also been considered in the past [5], [3], [2]. Initially, we examine the related work in the field, we then outline our method, and finally we experimentally evaluate its performance. Based on our findings, we provide a python implementation, which we also incorporate in Crux.