390 research outputs found

    On the Distribution of Quadratic Residues and Non-residues Modulo Composite Integers and Applications to Cryptography

    We develop exact formulas for the distribution of quadratic residues and non-residues in sets of the form $a+X=\{(a+x)\bmod n\mid x\in X\}$, where $n$ is a prime or the product of two primes and $X$ is a subset of integers with given Jacobi symbols modulo prime factors of $n$. We then present applications of these formulas to Cocks' identity-based encryption scheme and statistical indistinguishability

    On Gaps Between Primitive Roots in the Hamming Metric

    We consider a modification of the classical number theoretic question about the gaps between consecutive primitive roots modulo a prime $p$, which by the well-known result of Burgess are known to be at most $p^{1/4+o(1)}$. Here we measure the distance in the Hamming metric and show that if $p$ is a sufficiently large $r$-bit prime, then for any integer $n \in [1,p]$ one can obtain a primitive root modulo $p$ by changing at most $0.11002786\ldots\, r$ binary digits of $n$. This is stronger than what can be deduced from the Burgess result. Experimentally, the number of necessary bit changes is very small. We also show that each Hilbert cube contained in the complement of the primitive roots modulo $p$ has dimension at most $O(p^{1/5+\epsilon})$, improving on previous results of this kind. Comment: 16 pages; to appear in Q.J. Mat

    Ring-LWE Cryptography for the Number Theorist

    In this paper, we survey the status of attacks on the ring and polynomial learning with errors problems (RLWE and PLWE). Recent work on the security of these problems [Eisenträger-Hallgren-Lauter, Elias-Lauter-Ozman-Stange] gives rise to interesting questions about number fields. We extend these attacks and survey related open problems in number theory, including spectral distortion of an algebraic number and its relationship to Mahler measure, the monogenic property for the ring of integers of a number field, and the size of elements of small order modulo $q$. Comment: 20 Page

    On formal verification of arithmetic-based cryptographic primitives

    Cryptographic primitives are fundamental for information security: they are used as basic components for cryptographic protocols or public-key cryptosystems. In many cases, their security proofs consist in showing that they are reducible to computationally hard problems. Those reductions can be subtle and tedious, and thus not easily checkable. On top of the proof assistant Coq, we implemented in previous work a toolbox for writing and checking game-based security proofs of cryptographic primitives. In this paper we describe its extension with number-theoretic capabilities, so that it is now possible to write and check arithmetic-based cryptographic primitives in our toolbox. We illustrate our work by machine-checking the game-based proofs of unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and of semantic security of the public-key cryptographic scheme of Goldwasser and Micali. Comment: 13 page

    A measurement study of peer-to-peer bootstrapping and implementations of delay-based cryptography

    This thesis researches two distinct areas of study: peer-to-peer networking for modern cryptocurrencies and implementations of delay-based cryptography.

    The first part of the thesis researches elements of peer-to-peer network mechanisms, with a specific focus on the dependencies on centralised infrastructure required for the initial participation in such networks. Cryptocurrencies rely on decentralised peer-to-peer networks, yet the method by which new peers initially join these networks, known as bootstrapping, presents a significant challenge. Our original research consists of a measurement study of 74 cryptocurrencies. Our study reveals a prevalent reliance on centralised infrastructure which leads to censorship-prone bootstrapping techniques, leaving networks vulnerable to censorship and manipulation. In response, we explore alternative bootstrapping methods, seeking solutions less susceptible to censorship. However, our research demonstrates operational challenges and limitations which hinder their effectiveness, highlighting the complexity of achieving censorship-resistance in practice. Furthermore, our global measurement study uncovers the details of cryptocurrency peer-to-peer networks, revealing instances of outages and intentional protocol manipulation impacting bootstrapping operations. Through a volunteer network of probes deployed across 42 countries, we analyse network topology, exposing centralisation tendencies and unintentional peer exposure. Our research also highlights the pervasive inheritance of legacy bootstrapping methods, perpetuating security vulnerabilities and censorship risks within cryptocurrency systems. These findings illuminate broader concerns surrounding decentralisation and censorship-resistance in distributed systems. In conclusion, our study offers valuable insights into cryptocurrency bootstrapping techniques and their susceptibility to censorship, paving the way for future research and interventions to enhance the resilience and autonomy of peer-to-peer networks.

    In the second part of the thesis, attention shifts towards delay-based cryptography, where the focus lies on the creation and practical implementation of timed-release encryption schemes. Drawing from historical delay-based cryptographic protocols, this thesis presents two original research contributions. The first is the creation of a new timed-release encryption scheme with a property termed implicit authentication. The second contribution is the development of a practical construction called TIDE (TIme Delayed Encryption) tailored for use in sealed-bid auctions.

    Timed-Release Encryption with Implicit Authentication (TRE-IA) is a cryptographic primitive which presents a new property named implicit authentication (IA). This property ensures that only authorised parties, such as whistleblowers, can generate meaningful ciphertexts. By incorporating IA techniques into the encryption process, TRE-IA adds a new feature to standard timed-release encryption schemes: only the party holding the encryption key can create meaningful ciphertexts. This property ensures the authenticity of the party behind the sensitive data disclosure. Specifically, IA enables the encryption process to authenticate the identity of the whistleblower through the ciphertext, and so prevents malicious parties from generating ciphertexts that do not originate from legitimate sources. This ensures the integrity and authenticity of the encrypted data, safeguarding against potential leaks of information not vetted by the party performing the encryption.

    TIDE introduces a new method for timed-release encryption in the context of sealed-bid auctions by creatively using classic number-theoretic techniques. By integrating RSA-OAEP public-key encryption and the Rivest-Shamir-Wagner time-lock assumption with classic number theory principles, TIDE offers a solution that is both conceptually straightforward and efficient to implement. Our contributions in TIDE address the complexities and performance challenges inherent in current instantiations of timed-release encryption schemes. Our research output is a practical timed-release encryption implementation on consumer-grade hardware which can facilitate real-world applications such as sealed-bid auctions, with clear steps for implementation. Finally, the thesis concludes with a review of the prospects of delay-based cryptography, where we consider potential applications such as leveraging TIDE for a public randomness beacon.

    Sato--Tate, cyclicity, and divisibility statistics on average for elliptic curves of small height

    We obtain asymptotic formulae for the number of primes $p\le x$ for which the reduction modulo $p$ of the elliptic curve $E_{a,b} : Y^2 = X^3 + aX + b$ satisfies certain "natural" properties, on average over integers $a$ and $b$ with $|a|\le A$ and $|b| \le B$, where $A$ and $B$ are small relative to $x$. Specifically, we investigate behavior with respect to the Sato--Tate conjecture, cyclicity, and divisibility of the number of points by a fixed integer $m$

    Artin's primitive root conjecture - a survey -

    This is an expanded version of a write-up of a talk given in the fall of 2000 in Oberwolfach. A large part of it is intended to be understandable by non-number theorists with a mathematical background. The talk covered some of the history, results and ideas connected with Artin's celebrated primitive root conjecture dating from 1927. In the update several new results established after 2000 are also discussed. Comment: 87 pages, 512 references, to appear in Integer