Algorithms for Black-Box Fields and their Application to Cryptography

extended abstract
  • Dan Boneh
  • Richard J. Lipton
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1109)

Abstract

We introduce the notion of a black box field and present several algorithms for manipulating such fields. Black box fields arise naturally in cryptography and our algorithms have several cryptographic implications. First, our results show that any algebraically homomorphic cryptosystem can be broken in sub-exponential time. The existence of such cryptosystems was posed as an open problem in [12]. Second, we show that over elliptic (or hyperelliptic) curves the hardness of computing discrete-log implies the security of the Diffie-Hellman protocol. This provable security of the Diffie-Hellman protocol over elliptic curves demonstrates an additional advantage of elliptic curve cryptosystems over conventional ones. Finally, we prove that manipulating black box fields over the rationals is as hard as factoring integers.

References

  1. M. Abadi, J. Feigenbaum, “Secure circuit evaluation: a protocol based on hiding information from an oracle”, J. Cryptology, No. 2, 1990, pp. 1–12.
  2. L. Adleman, J. DeMarrais, Ming-Deh Huang, “A sub-exponential algorithm for discrete logarithm over the rational subgroup of the Jacobian of large genus hyperelliptic curves over finite fields”, Proceedings of ANTS, 1994.
  3. L. Babai, E. Szemerédi, “On the complexity of matrix group problems I”, Proceedings FOCS 1984, pp. 229–240.
  4. J. Buchmann, H. Williams, “A key exchange system based on imaginary quadratic fields”, Journal of cryptography, vol. 1, no. 2, pp. 107–118, 1988.
  5. E. Canfield, P. Erdös, C. Pomerance, “On a problem of Oppenheim concerning ‘Factorisatio Numerorum’”, J. Number Theory 17, 1983, pp. 1–28.
  6. H. Cohen, “A course in computational algebraic number theory”, Springer-Verlag, 1991.
  7. I. Damgard, “On the randomness of Legendre and Jacobi sequences”, Proceedings of Crypto 1988, pp. 163–172.
  8. H. Davenport, “On the distribution of quadratic residues (mod p)”, J. London Math. Soc., 8, 1933, pp. 46–52.
  9. N. DeBruijn, “On the number of positive integers ≤ x and free of prime factors > y”, Indag. Math. 38, 1966, pp. 239–247.
  10. B. den Boer, “Diffie-Hellman is as strong as discrete log for certain primes”, Proceedings of Crypto 1988, pp. 530–539.
  11. W. Diffie, M. Hellman, “New directions in cryptography”, IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644–654, 1976.
  12. J. Feigenbaum, N. Merrirr, “Open Questions and summary of discussions”, Proceedings of DIMACS workshop on Distributed Computing and Cryptography, Vol. 2, 1989.
  13. N. Koblitz, “A family of Jacobians suitable for discrete log cryptosystems”, Proceedings of Crypto 88, pp. 94–99.
  14. N. Koblitz, “Elliptic curve cryptosystems”, Math. of comp., Vol. 48, 1987, pp. 203–209.
  15. H. Lenstra Jr., “Factoring integers with elliptic curves”, Annals of Math. 126, 1987, pp. 649–673.
  16. A. Lenstra, H. Lenstra Jr., M. Manasse, J. Pollard, “The number field sieve”, Proceedings of STOC 1990, pp. 564–572.
  17. R. Lipton, “Straight line complexity and integer factorization”, First algorithmic number theory symposium, 1994.
  18. U. Maurer, “Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms”, Proceedings of Crypto 1994, pp. 271–281.
  19. U. Maurer, Y. Yacobi, “Non-interactive public-key cryptography”, EUROCRYPT 91, Lecture notes in computer science, Springer-Verlag, vol. 547, pp. 498–507, 1991.
  20. K. McCurley, “A key distribution system equivalent to factoring”, Journal of cryptography, vol. 1, no. 2, 1988, pp. 95–105.
  21. K. McCurley, “The discrete logarithm problem”, In cryptology and computational number theory, AMS lecture notes, C. Pomerance editor, 1989.
  22. A. Menezes, S. Vanstone, “Reducing elliptic curve logarithms to logarithms in a finite field”, Proceedings of STOC 1991, pp. 80–89.
  23. V. Miller, “Use of elliptic curves in cryptography”, Proceedings of Crypto 1985, pp. 417–426.
  24. S. Pohlig, M. Hellman, “An improved algorithm for computing discrete logarithms over GF(p) and its cryptographic significance”, IEEE Trans. Inform. Theory, Vol. 24, 1978, pp. 106–110.
  25. V. Nechaev, “Complexity of a determinate algorithm for the discrete logarithm”, Mathematical Notes, Vol. 55, No. 2, pp. 165–172, 1994.
  26. R. Schoof, “Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p”, Math. of Comp., Vol. 44, no. 170, 1985, pp. 483–494.
  27. V. Shoup, “Lower bounds for discrete logarithms and related problems”, Manuscript, 1995.
  28. J. Silverman, “The arithmetic of elliptic curves”, Springer-Verlag, 1986.
  29. M. Steele, A. Yao, “Lower bounds for algebraic decision trees”, J. of alg., Vol. 3, 1982, pp. 1–8.
  30. S. Wolf, “Diffie-Hellman and Discrete Logarithms”, Thesis ETH Zurich, 1995.
  31. Specifications for the digital signature standard, National Institute for Standards and Technology, Federal Information Processing Standard Publication XX, draft, August 1991.

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Dan Boneh (1)
  • Richard J. Lipton (1)

  1. Princeton University, Princeton
