On Squaring Modulo Mersenne Numbers

Authors
Publication date
11 September 2022
Publisher
International Association for Cryptologic Research (IACR)

Abstract

During the design of a new primitive inspired by Squash we accidentally stumbled on the observation described in this note. Let nn be a kk-bit Mersenne number whose factors are unknown. Consider an β„“\ell-bit secret number x=2k/2a+bx=2^{k/2}a+b. We observe that there are parameter configurations where a chunk of the value b2b^2 is leaked even if k<2β„“k<2\ell. This observation does not endanger any known scheme and in particular not Squash

    Similar works

    Full text

    thumbnail-image

    Available Versions

    Cryptology ePrint Archive

    redirect
    oaioai:eprint.iacr.org:2022/1197
    Last time updated on 25/08/2023