Abstract Models of Computation in Cryptography

  • Ueli Maurer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3796)


Computational security proofs in cryptography, without unproven intractability assumptions, exist today only if one restricts the computational model. For example, one can prove a lower bound on the complexity of computing discrete logarithms in a cyclic group if one considers only generic algorithms which can not exploit the properties of the representation of the group elements.

We propose an abstract model of computation which allows to capture such reasonable restrictions on the power of algorithms. The algorithm interacts with a black-box with hidden internal state variables which allows to perform a certain set of operations on the internal state variables, and which provides output only by allowing to check whether some state variables satisfy certain relations. For example, generic algorithms correspond to the special case where only the equality relation, and possibly also an abstract total order relation, can be tested.

We consider several instantiation of the model and different types of computational problems and prove a few known and new lower bounds for computational problems of interest in cryptography, for example that computing discrete logarithms is generically hard even if an oracle for the decisional Diffie-Hellman problem and/or other low degree relations were available.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Boneh, D., Lipton, R.J.: Algorithms for black-box fields and their application to cryptography. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 283–297. Springer, Heidelberg (1996)Google Scholar
  2. 2.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Maurer, U.: Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 271–281. Springer, Heidelberg (1994)Google Scholar
  4. 4.
    Maurer, U., Wolf, S.: Lower bounds on generic algorithms in groups. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 72–84. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  5. 5.
    Maurer, U., Wolf, S.: On the complexity of breaking the Diffie-Hellman protocol. SIAM Journal on Computing 28, 1689–1721 (1999)zbMATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Nechaev, V.I.: Complexity of a deterministic algorithm for the discrete logarithm. Mathematical Notes 55(2), 91–101 (1994)CrossRefMathSciNetGoogle Scholar
  7. 7.
    Pohlig, S.C., Hellman, M.E.: An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory 24(1), 106–110 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Pollard, J.M.: Monte Carlo methods for index computation mod p. Mathematics of Computation 32, 918–924 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Schwartz, J.T.: Fast probabilistic algorithms for verification of polynomial identities. Journal of the ACM 27(3), 701–717 (1980)zbMATHCrossRefGoogle Scholar
  10. 10.
    Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Ueli Maurer
    • 1
  1. 1.Department of Computer ScienceETH ZurichZurichSwitzerland

Personalised recommendations