Public Key Exchange Using Matrices Over Group Rings
We offer a public key exchange protocol in the spirit of Diffie-Hellman, but
we use (small) matrices over a group ring of a (small) symmetric group as the
platform. This "nested structure" of the platform makes computation very
efficient for legitimate parties. We discuss security of this scheme by
addressing the Decision Diffie-Hellman (DDH) and Computational Diffie-Hellman
(CDH) problems for our platform.
Comment: 21 page
Pairing-based identification schemes
We propose four different identification schemes that make use of bilinear
pairings, and prove their security under certain computational assumptions.
Each of the schemes is more efficient and/or more secure than any known
pairing-based identification scheme
Two-sources Randomness Extractors for Elliptic Curves
This paper studies the task of two-sources randomness extractors for elliptic
curves defined over finite fields , where can be a prime or a binary
field. In fact, we introduce new constructions of functions over elliptic
curves which take as input two random points from two different subgroups. In
other words, for a given elliptic curve defined over a finite field
and two random points and , where and are two subgroups of
, our function extracts the least significant bits of the
abscissa of the point when is a large prime, and the -first
coefficients of the abscissa of the point when , where is a prime
greater than . We show that the extracted bits are close to uniform.
Our construction extends some interesting randomness extractors for elliptic
curves, namely those defined in \cite{op} and \cite{ciss1,ciss2}, when
. The proposed constructions can be used in any
cryptographic schemes which require extraction of random bits from two sources
over elliptic curves, namely in key exchange protocols, design of strong
pseudo-random number generators, etc.
Finding Significant Fourier Coefficients: Clarifications, Simplifications, Applications and Limitations
Ideas from Fourier analysis have been used in cryptography for the last three
decades. Akavia, Goldwasser and Safra unified some of these ideas to give a
complete algorithm that finds significant Fourier coefficients of functions on
any finite abelian group. Their algorithm stimulated a lot of interest in the
cryptography community, especially in the context of `bit security'. This
manuscript attempts to be a friendly and comprehensive guide to the tools and
results in this field. The intended readership is cryptographers who have heard
about these tools and seek an understanding of their mechanics and their
usefulness and limitations. A compact overview of the algorithm is presented
with emphasis on the ideas behind it. We show how these ideas can be extended
to a `modulus-switching' variant of the algorithm. We survey some applications
of this algorithm, and explain that several results should be taken in the
right context. In particular, we point out that some of the most important bit
security problems are still open. Our original contributions include: a
discussion of the limitations on the usefulness of these tools; an answer to an
open question about the modular inversion hidden number problem
A New Cryptosystem Based On Hidden Order Groups
Let be a cyclic multiplicative group of order . It is known that the
Diffie-Hellman problem is random self-reducible in with respect to a
fixed generator if is known. That is, given and
having oracle access to a `Diffie-Hellman Problem' solver with fixed generator
, it is possible to compute in polynomial time (see
theorem 3.2). On the other hand, it is not known if such a reduction exists
when is unknown (see conjecture 3.1). We exploit this "gap" to
construct a cryptosystem based on hidden order groups and present a practical
implementation of a novel cryptographic primitive called an \emph{Oracle Strong
Associative One-Way Function} (O-SAOWF). O-SAOWFs have applications in
multiparty protocols. We demonstrate this by presenting a key agreement
protocol for dynamic ad-hoc groups.
Comment: removed examples for multiparty key agreement and join protocols,
since they are redundan