Higher Dimensional Sieving in a Box for Discrete Logarithm in Medium Characteristic Finite Fields using the Number Field Sieve

Finite fields have been used to provide a setting for secure cryptographic systems since the 1970s. The mechanism of ensuring security is a construction which relies on the difficulty of computing the discrete logarithm in a relevant finite field. Over the decades there have been a number of developments in algorithms to solve this problem, most notably the Number Field Sieve and variants. These algorithms are involved and consist of several stages. In this thesis we investigate the sieving and descent stages for the Number Field Sieve when used to solve discrete logarithm in `medium characteristic' finite fields. The best algorithms for this rely on higher dimensional lattice sieving, that is sieving in a lattice of dimension greater than 2. This has been the subject of recent research but there are some unsettled questions in this context which we address, most importantly in a given small dimension, what is the optimal sieving geometry? Even with an efficient sieving setup, for the matter of practical computations in concrete finite fields there is another significant problem in the final stage of the number field sieve, the descent stage. It is known how to initiate the descent stage in most small degree extension fields but in certain field shapes the descent is difficult to complete. We provide a new intermediate descent algorithm which bridges this gap. We give details of two record computations we completed, one using the traditional Number Field Sieve and 3d sieving, and another using a variant of the Number Field Sieve known as the Extended Tower Number Field Sieve and 4d sieving, for which we used our intermediate descent algorithm, and without which the computation would have been difficult to complete (or impossible in a reasonable time frame). These computations are important to help evaluate the security of certain cryptographic schemes which rely on the intractability of discrete log in medium characteristic finite fields.