Secure simultaneous bit extraction from Koblitz curves
Abstract
Secure pseudo-random number generators (PRNGs) have many important applications in cryptography. In this paper, we analyze a new PRNG related to the elliptic curve power generator. The new PRNG has many desirable randomness properties, such as a long period and a uniform distribution. In particular, the proposed PRNG is provably secure under the l-strong Diffie–Hellman assumptions. An important feature of our PRNG is that many bits can be output simultaneously without significantly affecting its security. For instance, at 150-bit security, more than 100 bits can be output at each iteration, with a statistical distance from a uniform sequence of less than \(1/2^{150}\). Our experimental results show that the new PRNG provides a secure and flexible solution for high-security applications. Hence, our work is another step towards the construction of provably secure PRNGs in practice.
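The abstract refers to the elliptic curve power generator and to extracting several bits from each output point. The following Python snippet is an added illustration of that base construction, not the paper's new PRNG and not code from the authors: it iterates W_n = e·W_{n-1} on a toy curve, outputs the low k bits of x(W_n) at every step, and measures the period and the total variation distance of the extracted bits from uniform. The curve y^2 = x^3 + 7 over F_17, the base point (15, 13), the multiplier e = 5 and the choice of low-order bits as the extractor are all constructed assumptions made for the example; a real instance uses a ~256-bit field, a prime-order subgroup and an extractor with a proven distance bound, which this toy cannot exhibit.

```python
"""Toy elliptic curve power generator with multi-bit extraction (added example).

Everything here is sized so that the whole orbit can be enumerated by brute
force; it demonstrates the mechanics, not a secure parameter set.
"""
from collections import Counter
from math import gcd

# Constructed toy curve y^2 = x^3 + A*x + B over F_P (assumption, not a real parameter set).
P = 17
A = 0
B = 7
INF = None  # the point at infinity


def is_on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Affine group law on E(F_P); handles doubling and inverse points."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # p1 == -p2 (also covers doubling a point with y == 0)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Right-to-left double-and-add scalar multiplication."""
    acc, base = INF, pt
    while k > 0:
        if k & 1:
            acc = ec_add(acc, base)
        base = ec_add(base, base)
        k >>= 1
    return acc


def point_order(pt):
    """Order of a point by repeated addition; only sensible for toy fields."""
    n, cur = 1, pt
    while cur is not INF:
        cur = ec_add(cur, pt)
        n += 1
    return n


def mult_order(e, n):
    """Multiplicative order of e modulo n; requires gcd(e, n) == 1."""
    if gcd(e, n) != 1:
        raise ValueError("e must be coprime to the point order")
    k, acc = 1, e % n
    while acc != 1:
        acc = acc * e % n
        k += 1
    return k


def orbit_period(w0, e):
    """Steps until W_n = e^n * W0 returns to W0, i.e. the generator's period."""
    w, n = ec_mul(e, w0), 1
    while w != w0:
        if w is INF:
            raise ValueError("orbit reached infinity; e shares a factor with ord(W0)")
        w, n = ec_mul(e, w), n + 1
    return n


def power_generator(w0, e, k_bits, steps):
    """Power generator W_n = e * W_{n-1}; emit the k_bits low bits of x(W_n)."""
    mask = (1 << k_bits) - 1
    out, w = [], w0
    for _ in range(steps):
        w = ec_mul(e, w)
        if w is INF:
            raise ValueError("orbit reached infinity; e shares a factor with ord(W0)")
        out.append(w[0] & mask)  # simultaneous extraction of k_bits bits
    return out


def statistical_distance(outputs, k_bits):
    """Total variation distance of the output symbols from uniform on 2^k_bits values."""
    counts = Counter(outputs)
    total, symbols = len(outputs), 1 << k_bits
    return 0.5 * sum(abs(counts.get(v, 0) / total - 1 / symbols) for v in range(symbols))


if __name__ == "__main__":
    G, e, k = (15, 13), 5, 2
    n = point_order(G)
    period = orbit_period(G, e)
    outs = power_generator(G, e, k, period)
    print(f"ord(G)={n} e={e} period={period} (= mult_order(e, ord(G)) = {mult_order(e, n)})")
    print(f"{k}-bit outputs over one period: {outs}")
    print(f"statistical distance from uniform: {statistical_distance(outs, k):.3f}")
```

The check that orbit_period equals mult_order(e, ord(W0)) is the point of the demo: the generator's period is governed by the multiplicative order of e modulo the order of the starting point, so e and the subgroup have to be chosen together. On a field this small the measured distance from uniform is dominated by the tiny period and says nothing about a real instance; the abstract's bound of less than 1/2^150 is a statement about full-size parameters.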
Keywords
Cryptography; Elliptic curves; Pseudo-random number generator
Mathematics Subject Classification
11T23; 11K45; 94A60
Acknowledgements
We thank the referees, whose constructive comments greatly improved the presentation of our work.