An efficient and secure RSA--like cryptosystem exploiting R\'edei rational functions over conics

We define an isomorphism between the group of points of a conic and the set of integers modulo a prime equipped with a non-standard product. This product can be efficiently evaluated through the use of R\'edei rational functions. We then exploit the isomorphism to construct a novel RSA-like scheme. We compare our scheme with classic RSA and with RSA-like schemes based on the cubic or conic equation. The decryption operation of the proposed scheme turns to be two times faster than RSA, and involves the lowest number of modular inversions with respect to other RSA-like schemes based on curves. Our solution offers the same security as RSA in a one-to-one communication and more security in broadcast applications.Comment: 18 pages, 1 figur

A Comparison of Cryptography Courses

The author taught two courses on cryptography, one at Duke University aimed at non-mathematics majors and one at Rose-Hulman Institute of Technology aimed at mathematics and computer science majors. Both tried to incorporate technical and societal aspects of cryptography, with varying emphases. This paper will discuss the strengths and weaknesses of both courses and compare the differences in the author's approach.Comment: 14 pages; to appear in Cryptologi

Quantum Attacks on Modern Cryptography and Post-Quantum Cryptosystems

Cryptography is a critical technology in the modern computing industry, but the security of many cryptosystems relies on the difficulty of mathematical problems such as integer factorization and discrete logarithms. Large quantum computers can solve these problems efficiently, enabling the effective cryptanalysis of many common cryptosystems using such algorithms as Shor’s and Grover’s. If data integrity and security are to be preserved in the future, the algorithms that are vulnerable to quantum cryptanalytic techniques must be phased out in favor of quantum-proof cryptosystems. While quantum computer technology is still developing and is not yet capable of breaking commercial encryption, these steps can be taken immediately to ensure that the impending development of large quantum computers does not compromise sensitive data

Cryptography from tensor problems

We describe a new proposal for a trap-door one-way function. The new proposal belongs to the "multivariate quadratic" family but the trap-door is different from existing methods, and is simpler

Cryptanalysis of Server-Aided RSA Protocols with Private-Key Splitting

International audienceWe analyze the security and the efficiency of interactive protocols where a client wants to delegate the computation of an RSA signature given a public key, a public message and the secret signing exponent. We consider several protocols where the secret exponent is splitted using some algebraic decomposition. We first provide an exhaustive analysis of the delegation protocols in which the client outsources a single RSA exponentiation to the server. We then revisit the security of the protocols RSA-S1 and RSA-S2 that were proposed by Matsumoto, Kato and Imai in 1988. We present an improved lattice-based attack on RSA-S1 and we propose a simple variant of this protocol that provides better efficiency for the same security level. Eventually, we present the first attacks on the protocol RSA-S2 that employs the Chinese Remainder Theorem to speed up the client's computation. The efficiency of our (heuristic) attacks has been validated experimentally

Local Inversion of maps: Black box Cryptanalysis

This paper is a short summery of results announced in a previous paper on a new universal method for Cryptanalysis which uses a Black Box linear algebra approach to computation of local inversion of nonlinear maps in finite fields. It is shown that one local inverse $x$ of the map equation $y=F(x)$ can be computed by using the minimal polynomial of the sequence $y(k)$ defined by iterates (or recursion) $y(k+1)=F(y(k))$ with $y(0)=y$ when the sequence is periodic. This is the only solution in the periodic orbit of the map $F$. Further, when the degree of the minimal polynomial is of polynomial order in number of bits of the input of $F$ (called low complexity case), the solution can be computed in polynomial time. The method of computation only uses the forward computations $F(y)$ for given $y$ which is why this is called a Black Box approach. Application of this approach is then shown for cryptanalysis of several maps arising in cryptographic primitives. It is shown how in the low complexity cases maps defined by block and stream ciphers can be inverted to find the symmetric key under known plaintext attack. Then it is shown how RSA map can be inverted to find the plaintext as well as an equivalent private key to break the RSA algorithm without factoring the modulus. Finally it is shown that the discrete log computation in finite field and elliptic curves can be formulated as a local inversion problem and the low complexity cases can be solved in polynomial time.Comment: 13 pages. Summery and comprehension of a previous paper arxiv.org/abs/2202.06584v

Note on Integer Factoring Methods IV

This note continues the theoretical development of deterministic integer factorization algorithms based on systems of polynomials equations. The main result establishes a new deterministic time complexity bench mark in integer factorization.Comment: 20 Pages, New Versio