workfactor.cpp

Go to the documentation of this file.

/*
* Public Key Work Factor Functions
* (C) 1999-2007,2012 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
 
#include <botan/workfactor.h>
#include <algorithm>
#include <cmath>
 
namespace Botan {
 
size_t ecp_work_factor(size_t bits)
   {
   return bits / 2;
   }
 
namespace {
 
size_t nfs_workfactor(size_t bits, double log2_k)
   {
   // approximates natural logarithm of an integer of given bitsize
   const double log2_e = 1.44269504088896340736;
   const double log_p = bits / log2_e;
 
   const double log_log_p = std::log(log_p);
 
   // RFC 3766: k * e^((1.92 + o(1)) * cubrt(ln(n) * (ln(ln(n)))^2))
   const double est = 1.92 * std::pow(log_p * log_log_p * log_log_p, 1.0/3.0);
 
   // return log2 of the workfactor
   return static_cast<size_t>(log2_k + log2_e * est);
   }
 
}
 
size_t if_work_factor(size_t bits)
   {
   // RFC 3766 estimates k at .02 and o(1) to be effectively zero for sizes of interest
 
   const double log2_k = -5.6438; // log2(.02)
   return nfs_workfactor(bits, log2_k);
   }
 
size_t dl_work_factor(size_t bits)
   {
   // Lacking better estimates...
   return if_work_factor(bits);
   }
 
size_t dl_exponent_size(size_t bits)
   {
   /*
   This uses a slightly tweaked version of the standard work factor
   function above. It assumes k is 1 (thus overestimating the strength
   of the prime group by 5-6 bits), and always returns at least 128 bits
   (this only matters for very small primes).
   */
   const size_t min_workfactor = 64;
   const double log2_k = 0;
 
   return 2 * std::max<size_t>(min_workfactor, nfs_workfactor(bits, log2_k));
   }
 
}