© 1985

Advances in Cryptology

Proceedings of CRYPTO 84

  • George Robert Blakley
  • David Chaum
Conference proceedings CRYPTO 1984

Part of the Lecture Notes in Computer Science book series (LNCS, volume 196)

Table of contents

  1. Front Matter
    Pages I-IX
  2. Public Key Cryptosystems and Signatures

  3. Cryptosystems and Other Hard Problems

    1. I. F. Blake, R. C. Mullin, S. A. Vanstone
      Pages 73-82
    2. Albert C. Leighton, Stephen M. Matyas
      Pages 101-113
    3. J. A. Davis, D. B. Holdridge
      Pages 114-114
    4. R. C. Fairfield, A. Matusevich, J. Plany
      Pages 115-143
    5. Marc Davio, Yvo Desmedt, Jo Goubert, Frank Hoornaert, Jean-Jacques Quisquater
      Pages 144-146
    6. Frank Hoornaert, Jo Goubert, Yvo Desmedt
      Pages 147-173
  4. Randomness and Its Concomitants

    1. Umesh V. Vazirani, Vijay V. Vazirani
      Pages 193-202
    2. R. C. Fairfield, R. L. Mortenson, K. B. Coulthart
      Pages 203-230
    3. S. C. Kothari
      Pages 231-241

About these proceedings


Recently, there has been a lot of interest in provably "good" pseudo-random number generators [lo, 4, 14, 31. These cryptographically secure generators are "good" in the sense that they pass all probabilistic polynomial time statistical tests. However, despite these nice properties, the secure generators known so far suffer from the han- cap of being inefiicient; the most efiicient of these take n2 steps (one modular multip- cation, n being the length of the seed) to generate one bit. Pseudc-random number g- erators that are currently used in practice output n bits per multiplication (n2 steps). An important open problem was to output even two bits on each multiplication in a cryptographically secure way. This problem was stated by Blum, Blum & Shub [3] in the context of their z2 mod N generator. They further ask: how many bits can be o- put per multiplication, maintaining cryptographic security? In this paper we state a simple condition, the XOR-Condition and show that any generator satisfying this condition can output logn bits on each multiplication. We show that the XOR-Condition is satisfied by the lop least significant bits of the z2-mod N generator. The security of the z2 mod N generator was based on Quadratic Residu- ity [3]. This generator is an example of a Trapdoor Generator [13], and its trapdoor properties have been used in protocol design. We strengthen the security of this gene- tor by proving it as hard as factoring.


Computer Hardware algorithms calculus coding theory complexity cryptography cryptology information theory

Editors and affiliations

  • George Robert Blakley
    • 1
  • David Chaum
    • 2
  1. 1.Department of MathematicsTexas A&M UniversityCollege StationUSA
  2. 2.Center for Mathematics and Computer Science (CWI)AmsterdamThe Netherlands

Bibliographic information

  • Book Title Advances in Cryptology
  • Book Subtitle Proceedings of CRYPTO 84
  • Editors G.R. Blakely
    D. Chaum
  • Series Title Lecture Notes in Computer Science
  • DOI
  • Copyright Information Springer-Verlag Berlin Heidelberg 1985
  • Publisher Name Springer, Berlin, Heidelberg
  • eBook Packages Springer Book Archive
  • Softcover ISBN 978-3-540-15658-1
  • eBook ISBN 978-3-540-39568-3
  • Series ISSN 0302-9743
  • Edition Number 1
  • Number of Pages XII, 496
  • Number of Illustrations 0 b/w illustrations, 0 illustrations in colour
  • Topics Theory of Computation
    Coding and Information Theory
  • Buy this book on publisher's site