A Subexponential Quantum Algorithm for the Semidirect Discrete Logarithm Problem
Christopher Battarbee, Delaram Kahrobaei, Ludovic Perret, Siamak F. Shahandashti
TL;DR
The paper analyzes the Semidirect Discrete Logarithm Problem (SDLP) in a quantum setting and shows that SDLP can be reframed as a group-action problem. It derives a subexponential quantum algorithm by reducing SDLP to the Group Action Discrete Logarithm Problem (GADLP) and then to the Abelian Hidden Shift Problem (AHSP), solvable via Kuperberg or Regev-type subexponential quantum algorithms. The main result is a quantum algorithm with complexity $2^{\mathcal{O}(\sqrt{\log p})}$ for SDLP on an easy family of semigroups, highlighting the connection between SDLP and well-studied hidden-shift problems. These findings situate SDPKE within a hard-homogeneous-space framework (SPDH) and clarify SDLP’s position in the post-quantum hardness landscape, informing cryptographic design and security analyses.
Abstract
Group-based cryptography is a relatively unexplored family in post-quantum cryptography, and the so-called Semidirect Discrete Logarithm Problem (SDLP) is one of its most central problems. However, the complexity of SDLP and its relationship to more well-known hardness problems, particularly with respect to its security against quantum adversaries, has not been well understood and was a significant open problem for researchers in this area. In this paper we give the first dedicated security analysis of SDLP. In particular, we provide a connection between SDLP and group actions, a context in which quantum subexponential algorithms are known to apply. We are therefore able to construct a subexponential quantum algorithm for solving SDLP, thereby classifying the complexity of SDLP and its relation to known computational problems.