On the Index of Diffie-Hellman Mapping

Abstract

Let γ be a generator of a cyclic group G of order n. The least index of a self-mapping f of G is the index of the largest subgroup U of G such that f(x)x-r is constant on each coset of U for some positive integer~r. We determine the index of the univariate Diffie-Hellman mapping d(γa)=γa2, a=0,1,…,n-1, and show that any mapping of small index coincides with~d only on a small subset of G. Moreover, we prove similar results for the bivariate Diffie-Hellman mapping D(γa,γb)=γab, a,b=0,1,…,n-1. In the special case that G is a subgroup of the multiplicative group of a finite field we present improvements.