Index Calculus algorithm wrong solution

Question

We want to be able to compute discrete logarithms with basis $a = 89$ in $\mathbb{Z}^*_p$ for $p = 1235789.$ We choose the factor base $B = {−1, 2, 3, 5, 7, 11, 13, 17, 19, 23}$. With the first step of Index Calculus algorithm I get this system of linear equations.

\begin{bmatrix}0&3& 0& 2& 0& 0& 2 & 0 & 0 & 1 & 100058\\ 1&1&1&0&0&0&1&0&0&3&100131\\0&4&3&0 & 0 & 1 & 0 & 0 & 1 & 0 & 100152 \\ 1 & 6 & 3 & 1 & 0 & 1 & 1 & 0 & 0 & 0 & 100232\\ 1 &2 &3 & 0 & 1 & 2 & 1 & 0 & 0 & 0 & 100343 \\ 1 & 2 & 7 & 0 & 1 & 0 & 1 &0 & 0 & 0 & 100360\\ 1 & 5 & 2 & 1 & 2 & 0 & 0 &1 & 0 & 0 & 100385\\ 1 & 6 & 2 & 1 & 0 & 0 & 0 & 1 & 0 & 1 & 100401\\ 0 & 0 & 4 & 0 & 3 & 0 & 0 & 1 & 0 & 0 & 100412\\ 0 & 0 & 5 & 0 & 1 & 0 & 0 & 1 & 0 & 1 & 100428 \end{bmatrix}

Then I use Gauss's elimination to solve the equations.

\begin{bmatrix} 1& 0& 0& 0& 0& 0& 0& 0& 0& 0& -494241/70\\ 0& 1& 0& 0& 0& 0& 0& 0& 0& 0& 250358/35\\ 0& 0& 1& 0& 0& 0& 0& 0& 0& 0& 250358/35\\ 0& 0& 0& 1& 0& 0& 0& 0& 0& 0& -1749/10\\ 0& 0& 0& 0& 1& 0& 0& 0& 0& 0& 498777/35\\ 0& 0& 0& 0& 0& 1& 0& 0& 0& 0& 1000837/70\\ 0& 0& 0& 0& 0& 0& 1& 0& 0& 0& 2015443/70\\ 0& 0& 0& 0& 0& 0& 0& 1& 0& 0& 1016657/35\\ 0& 0& 0& 0& 0& 0& 0& 0& 1& 0& 2504791/70\\ 0& 0& 0& 0& 0& 0& 0& 0& 0& 1& 747756/35\\\end{bmatrix}

I'm having problems understanding why is my solution of linear equations not correct?

Edit: What is the correct way to use guass's elimination with$\mod p - 1$?

Ah, now I understand why teachers hate it when I skip all the steps and only present my answer asking "what did I do wrong?!" — Simply Beautiful Art, Dec 30 '16 at 19:37
I would go through the intermediate steps backwards, plugging in your solution to each one and seeing what is the last matrix where your solution does not work. Between that and the next matrix an error occurred. — Robert Israel, Dec 30 '16 at 19:43
Your question could be improved by explaining how you know your solution is incorrect. — ameed, Dec 30 '16 at 20:16

score 1 · Answer 1 · answered Dec 30 '16 at 20:15

For index calculus, you need to do linear algebra mod $p - 1$. So you can't use ordinary linear algebra methods for the real numbers, since things like division won't work properly.

As it turns out, you can do linear algebra in any field, because a field supports addition, subtraction, multiplication, and division (multiplication by the inverse). Unfortunately, the integers mod $p - 1$ aren't a field. Only the integers modulo a prime are a field, but $p - 1$ isn't prime (unless $p = 3$). So you need to turn your problem modulo $p - 1$ into one or more problems modulo primes.

To do this, factor

$$ p - 1 = \prod_{i} q_i^{e_i}, $$

where the $q_i$ are prime and distinct. Then solve the system modulo each of the $q_i$, lift these solutions to $q_i^{e_i}$, and finally use the Chinese Remainder Theorem to get a solution modulo $p - 1$.

Are you talking about https://pages.cs.wisc.edu/~cs812-1/adleman.pdf version’s of the index calculus ? — user2284570, Jun 15 '25 at 14:26

Index Calculus algorithm wrong solution

1 Answers1