Abstract
In [14] an ElGamal-type cryptosystem based on non-maximal imaginary quadratic orders with trapdoor decryption is proposed. The trapdoor information is the factorization of the non-fundamental discriminant \( \Delta_p = \Delta_1 p^2 \). The NICE cryptosystem (New Ideal Coset Encryption) [24, 12] is an efficient variant thereof, which uses an element \( \mathfrak{g}^k \in \mathrm{Ker}(\phi_{Cl}^{-1}) \subseteq Cl(\Delta_p) \), where \( k \) is random and \( \phi_{Cl}^{-1} : Cl(\Delta_p) \to Cl(\Delta_1) \) is a map between the class groups of the non-maximal and maximal order, to mask the message in the ElGamal cryptosystem. This mask simply “disappears” during decryption, which essentially consists of computing \( \phi_{Cl}^{-1} \). Thus NICE features quadratic decryption time and hence is very well suited for applications in which a central server has to decrypt a large number of ciphertexts in a short time. In this work we introduce an efficient batch decryption method for NICE, which speeds up decryption by about 30% for a batch size of 100 messages.
In [17] a NICE-Schnorr-type signature scheme is proposed. This scheme uses the group \( \mathrm{Ker}(\phi_{Cl}^{-1}) \) instead of \( \mathbb{F}_p^* \). Thus, instead of modular arithmetic, one would need to apply standard ideal arithmetic (multiply and reduce), using algorithms from [5] for example. Because every group operation requires an application of the Extended Euclidean Algorithm, the implementation would be very inefficient. In particular, the signing process, which would typically be performed on a smartcard with limited computational power, would be too slow for practical application. In this work we introduce an entirely new arithmetic for elements in \( \mathrm{Ker}(\phi_{Cl}^{-1}) \), which uses the generator and ring-equivalence for exponentiation. Thus the signer essentially performs the exponentiation in \( (\mathcal{O}_{\Delta_1} / p\mathcal{O}_{\Delta_1})^* \), which turns out to be about twenty times as fast as conventional ideal arithmetic. Furthermore, in [17] it is shown how one can further speed up this exponentiation by applying the Chinese Remainder Theorem for \( (\mathcal{O}_{\Delta_1} / p\mathcal{O}_{\Delta_1})^* \). With this arithmetic the signature generation is about forty times as fast as with conventional ideal arithmetic and more than twice as fast as in the original Schnorr scheme [26].
References
Z.I. Borevich and I.R. Shafarevich: Number Theory Academic Press: New York, 1966
E. Brickell, D. Gordon, K. McCurley, D. Wilson: Fast Exponentiation with Precomputation, Proceedings of Eurocrypt 1992, LNCS 658, Springer, 1993, pp. 200–207
J. Buchmann, S. Düllmann: On the computation of discrete logarithms in class groups, Advances in Cryptology-CRYPTO ’90, LNCS 773, Springer, 1991, pp. 134–139
J. Buchmann and H.C. Williams: A key-exchange system based on imaginary quadratic fields. Journal of Cryptology, 1, 1988, pp. 107–118
H. Cohen: A Course in Computational Algebraic Number Theory. Graduate Texts in Mathematics 138. Springer: Berlin, 1993.
D.A. Cox: Primes of the form \( x^2 + ny^2 \), John Wiley & Sons, New York, 1989
W. Diffie and M. Hellman: New directions in cryptography, IEEE Transactions on Information Theory 22, 1976, pp. 472–492
S. Düllmann: Ein Algorithmus zur Bestimmung der Klassenzahl positiv definiter binärer quadratischer Formen, PhD thesis (in German), University of Saarbrücken: 1991
T. ElGamal: A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory 31, 1985, pp. 469–472
J.L. Hafner, K.S. McCurley: A rigorous subexponential algorithm for computation of class groups, Journal of the American Mathematical Society, 2, 1989, 837–850
S. Hamdy, A. Meyer: personal communication, 1999
M. Hartmann, S. Paulus and T. Takagi: NICE-New Ideal Coset Encryption, to appear in the proceedings of CHES, 1999
L.K. Hua: Introduction to Number Theory. Springer-Verlag, New York, 1982.
D. Hühnlein, M.J. Jacobson, S. Paulus and T. Takagi: A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption, Advances in Cryptology-EUROCRYPT ’98, LNCS 1403, Springer, 1998, pp. 294–307
D. Hühnlein, A. Meyer, T. Takagi: Rabin and RSA analogues based on non-maximal imaginary quadratic orders, Proceedings of ICICS ’98, ISBN 89-85305-14-X, 1998, pp. 221–240
D. Hühnlein, T. Takagi: Reducing logarithms in totally non-maximal imaginary quadratic orders to logarithms in finite fields, Advances in Cryptology-Asiacrypt ’99, LNCS 1716, Springer, 1999, pp. 219–231
D. Hühnlein, J. Merkle: An efficient NICE-Schnorr-type cryptosystem, to appear at PKC2000, Melbourne, January 2000 and Springer LNCS, preprint via http://www.informatik.tu-darmstadt.de/TI/Veroeffentlichung/TR/Welcome.html#. 1999
D. Hühnlein: NICE-Ein neues Public Key Kryptosystem mit sehr schneller Entschlüsselung und seine potentiellen Anwendungen, (in German) manuscript, 1999
M.J. Jacobson Jr.: Subexponential Class Group Computation in Quadratic Orders, Berichte aus der Informatik, Shaker, ISBN 3-8265-6374-3, 1999
LiDIA: A C++ library for algorithmic number theory, via http://www.informatik.tu-darmstadt.de/TI/LiDIA
P.L. Montgomery: Speeding the Pollard and Elliptic Curve Methods for Factorization, Mathematics of Computation, vol. 48, nr. 177, Jan. 1987, pp. 243–264
National Institute of Standards and Technology (NIST): Digital Signature Standard (DSS). Federal Information Processing Standards Publication 186, FIPS-186, 19th May, 1994
J. Neukirch, Algebraische Zahlentheorie, Springer, Berlin, 1992
S. Paulus, T. Takagi: A new public-key cryptosystem over the quadratic order with quadratic decryption time, to appear in Journal of Cryptology, 1998, preprint via http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/sachar.html
R. Rivest, A. Shamir, L. Adleman: A method for obtaining digital signatures and public key-cryptosystems, Communications of the ACM, 21, 1978, pp. 120–126
C.P. Schnorr: Efficient identification and signatures for smart cards, Advances in Cryptology-CRYPTO ’89, LNCS 435, Springer, 1990, pp. 239–252
R.J. Schoof: Quadratic Fields and Factorization. In: H.W. Lenstra, R. Tijdeman, (eds.): Computational Methods in Number Theory. Math. Centrum Tracts 155. Part II. Amsterdam, 1983. pp. 235–286.
© 2000 Springer-Verlag Berlin Heidelberg
Cite this paper
Hühnlein, D. (2000). Efficient Implementation of Cryptosystems Based on Non-maximal Imaginary Quadratic Orders. In: Heys, H., Adams, C. (eds) Selected Areas in Cryptography. SAC 1999. Lecture Notes in Computer Science, vol 1758. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46513-8_11
DOI: https://doi.org/10.1007/3-540-46513-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67185-5
Online ISBN: 978-3-540-46513-3
eBook Packages: Springer Book Archive