
A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption

  • Detlef Hühnlein
  • Michael J. Jacobson, Jr.
  • Sachar Paulus
  • Tsuyoshi Takagi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1403)

Abstract

We introduce a new cryptosystem with trapdoor decryption based on the difficulty of computing discrete logarithms in the class group of the nonmaximal imaginary quadratic order $\mathcal{O}_{\Delta_q}$, where $\Delta_q = \Delta q^2$, $\Delta$ square-free and $q$ prime. The trapdoor information is the conductor $q$. Knowledge of this trapdoor information enables one to switch to and from the class group of the maximal order $\mathcal{O}_{\Delta}$, where the representatives of the ideal classes have smaller coefficients. Thus, the decryption procedure may be performed in the class group of $\mathcal{O}_{\Delta}$ rather than in the class group of the public $\mathcal{O}_{\Delta_q}$, which is much more efficient. We show that inverting our proposed cryptosystem is computationally equivalent to factoring the non-fundamental discriminant $\Delta_q$, which is intractable for a suitable choice of $\Delta$ and $q$. We also describe how signature schemes in $\mathcal{O}_{\Delta_q}$ may be set up using this trapdoor information. Furthermore, we illustrate how one may embed key escrow capability into classical imaginary quadratic field cryptosystems.

Keywords

Public key cryptosystem, imaginary quadratic order, trapdoor decryption, factorization, key escrow


Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Detlef Hühnlein (1)
  • Michael J. Jacobson, Jr. (2)
  • Sachar Paulus (2)
  • Tsuyoshi Takagi (3)

  1. Secunet Security Networks GmbH, Eschborn, Germany
  2. Institut für theoretische Informatik, Technische Universität Darmstadt, FB Informatik, Darmstadt, Germany
  3. NTT Software Laboratories, Tokyo, Japan
