Some Remarks on Lucas-Based Cryptosystems

  • Daniel Bleichenbacher
  • Wieb Bosma
  • Arjen K. Lenstra
Conference paper

DOI: 10.1007/3-540-44750-4_31

Part of the Lecture Notes in Computer Science book series (LNCS, volume 963)
Cite this paper as:
Bleichenbacher D., Bosma W., Lenstra A.K. (1995) Some Remarks on Lucas-Based Cryptosystems. In: Coppersmith D. (eds) Advances in Cryptology — CRYPT0’ 95. CRYPTO 1995. Lecture Notes in Computer Science, vol 963. Springer, Berlin, Heidelberg


We review the well-known relation between Lucas sequences and exponentiation. This leads to the observation that certain public-key cryptosystems that are based on the use of Lucas sequences have some elementary properties their re-inventors were apparently not aware of. In particular, we present a chosen-message forgery for ‘LUC’ (cf. [21; 25]), and we show that ‘LUCELG’ and ‘LUCDIF’ (cf. [22, 26]) are vulnerable to subexponential time attacks. This proves that various claims that were made about Lucas-based cryptosystems are incorrect.

Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Daniel Bleichenbacher
    • 1
  • Wieb Bosma
    • 2
  • Arjen K. Lenstra
    • 3
  1. 1.Institut für Theoretische InformatikETH ZentrumZürichSwitzerland
  2. 2.School of Mathematics and StatisticsUniversity of SydneySydneyAustralia
  3. 3.MRE-2Q330, BellcoreMorristownUSA

Personalised recommendations