Practical Cryptography in High Dimensional Tori

  • Marten van Dijk
  • Robert Granger
  • Dan Page
  • Karl Rubin
  • Alice Silverberg
  • Martijn Stam
  • David Woodruff
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3494)


At Crypto 2004, van Dijk and Woodruff introduced a new way of using the algebraic tori T n in cryptography, and obtained an asymptotically optimal n/φ(n) savings in bandwidth and storage for a number of cryptographic applications. However, the computational requirements of compression and decompression in their scheme were impractical, and it was left open to reduce them to a practical level. We give a new method that compresses orders of magnitude faster than the original, while also speeding up the decompression and improving on the compression factor (by a constant term). Further, we give the first efficient implementation that uses T 30, compare its performance to XTR, CEILIDH, and ECC, and present new applications. Our methods achieve better compression than XTR and CEILIDH for the compression of as few as two group elements. This allows us to apply our results to ElGamal encryption with a small message domain to obtain ciphertexts that are 10% smaller than in previous schemes.


torus-based cryptography discrete-log based cryptography 


  1. 1.
    Avanzi, R.M.: Aspects of Hyperelliptic Curves over Large Prime Fields in Software Implementations. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 148–162. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Bosma, W., Hutton, J., Verheul, E.R.: Looking beyond XTR. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 46–63. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  3. 3.
    Bosselaers, A., Govaerts, R., Vandewalle, J.: Comparison of Three Modular Reduction Functions. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 175–186. Springer, Heidelberg (1994)Google Scholar
  4. 4.
    Brouwer, A.E., Pellikaan, R., Verheul, E.R.: Doing More with Fewer Bits. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 321–332. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Damgard, I., Jurik, M.: A Length-Flexible Threshold Cryptosystem with Applications. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 350–364. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    van Dijk, M., Woodruff, D.: Asymptotically Optimal Communication for Torus-Based Cryptography. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 157–178. Springer, Heidelberg (2004)Google Scholar
  7. 7.
    Goldwasser, S., Micali, S.: Probabilistic Encryption. Comp. Sys. Sci. 28(1), 270–299 (1984)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Golle, P., Juels, A.: Parallel Mixing. In: Computer and Communications Security (CSS), pp. 220–226. ACM Press, New York (2004)Google Scholar
  9. 9.
    Granger, R., Page, D., Stam, M.: A comparison of CEILIDH and XTR. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 235–249. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Itoh, T., Tsujii, S.: A Fast Algorithm for Computing Multiplicative Inverses in GF(2m) Using Normal Bases. Info. and Comp. 78(3), 171–177 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Kiayias, A., Yung, M.: Self-Tallying Elections and Perfect Ballot Secrecy. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 141–158. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Klyachko, A.A.: On the Rationality of Tori with Cyclic Splitting Field (Russian). In: Arithmetic and Geometry of Varieties, pp. 73–78. Kuybyshev Univ. Press (1988)Google Scholar
  13. 13.
    Kushilevitz, E., Ostrovsky, R.: Replication is not needed: single database, computationally-private information retrieval. In: Foundations of Computer Science (FOCS), pp. 364–373. IEEE Press, Los Alamitos (1997)Google Scholar
  14. 14.
    Lennon, M.J.J., Smith, P.J.: LUC: A New Public Key System. In: IFIP TC11 Ninth International Conference on Information Security IFIP/Sec., pp. 103–117 (1993)Google Scholar
  15. 15.
    Lenstra, A.K., Verheul, E.R.: The XTR public key system. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 1–19. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  16. 16.
    Lenstra, A.K., Verheul, E.R.: An Overview of the XTR Public Key System. In: Public-Key Cryptography and Computational Number Theory, pp. 151–180. Walter de Gruyter, Berlin (2001)Google Scholar
  17. 17.
    Montgomery, P.L.: Modular Multiplication Without Trial Division. Math. Comp. 44, 519–521 (1985)zbMATHMathSciNetCrossRefGoogle Scholar
  18. 18.
    Nöcker, M.: Data structures for parallel exponentiation in finite fields. PhD Thesis, Universität Paderborn (2001)Google Scholar
  19. 19.
    Paillier, P.: Public-key cryptosystems based on composite degree residuaosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)Google Scholar
  20. 20.
    Pohlig, S.C., Hellman, M.E.: An Improved Algorithm for Computing Logarithms over GF(p) and its Cryptographic Significance. IEEE Trans. on IT 24, 106–110 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Proos, J.: Joint Sparse Forms and Generating Zero Columns when Combing. University of Waterloo, Technical Report CORR 2003-23Google Scholar
  22. 22.
    Rubin, K., Silverberg, A.: Supersingular Abelian Varieties in Cryptology. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 336–353. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  23. 23.
    Rubin, K., Silverberg, A.: Torus-Based Cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 349–365. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  24. 24.
    Rubin, K., Silverberg, A.: Algebraic Tori in Cryptography. In: High Primes and Misdemeanours: Lectures in Honour of the 60th birthday of Hugh Cowie Williams. Fields Institute Communications Series, vol. 41, pp. 317–326. American Mathematical Society (2004)Google Scholar
  25. 25.
    Rubin, K., Silverberg, A.: Using Primitive Subgroups to Do More with Fewer Bits. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 18–41. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Schoenmakers, B., Tuyls, P.: Practical Two-Party Computation Based on the Conditional Gate. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 119–136. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  27. 27.
    Solinas, J.A.: Low-Weight Binary Representations for Pairs of Integers. University of Waterloo, Technical Report CORR 2001-41Google Scholar
  28. 28.
    Stam, M., Lenstra, A.K.: Efficient Subgroup Exponentiation in Quadratic and Sixth Degree Extensions. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 318–332. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  29. 29.
    Stam, M., Lenstra, A.K.: Speeding Up XTR. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 125–143. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  30. 30.
    Voskresenskiĭ, V.E.: Algebraic Groups and Their Birational Invariants. Translations of Mathematical Monographs 179 (1998)Google Scholar
  31. 31.
    Yamamura, A., Saito, T.: Private Information Retrieval Based on the Subgroup Membership Problem. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 206–220. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Marten van Dijk
    • 1
  • Robert Granger
    • 2
  • Dan Page
    • 2
  • Karl Rubin
    • 3
  • Alice Silverberg
    • 3
  • Martijn Stam
    • 2
  • David Woodruff
    • 1
  1. 1.MIT CSAIL 
  2. 2.Department of Computer ScienceUniversity of Bristol 
  3. 3.Department of MathematicsIrvine

Personalised recommendations