Advances in Cryptology: Proceedings of CRYPTO 84 by S C Serpell, C B Brookson, B L Clark (auth.), George Robert

By S C Serpell, C B Brookson, B L Clark (auth.), George Robert Blakley, David Chaum (eds.)

Recently, there has been a lot of interest in provably "good" pseudo-random number generators [10, 4, 14, 3]. These cryptographically secure generators are "good" in the sense that they pass all probabilistic polynomial time statistical tests. However, despite these nice properties, the secure generators known so far suffer from the handicap of being inefficient; the most efficient of these take n^2 steps (one modular multiplication, n being the length of the seed) to generate one bit. Pseudo-random number generators that are currently used in practice output n bits per multiplication (n^2 steps). An important open problem was to output even two bits on each multiplication in a cryptographically secure way. This problem was stated by Blum, Blum & Shub [3] in the context of their x^2 mod N generator. They further ask: how many bits can be output per multiplication, maintaining cryptographic security? In this paper we state a simple condition, the XOR-Condition, and show that any generator satisfying this condition can output log n bits on each multiplication. We show that the XOR-Condition is satisfied by the log n least significant bits of the x^2 mod N generator. The security of the x^2 mod N generator was based on Quadratic Residuosity [3]. This generator is an example of a Trapdoor Generator [13], and its trapdoor properties have been used in protocol design. We strengthen the security of this generator by proving it as hard as factoring.

Similar nonfiction_8 books

Signal Processing and Pattern Recognition in Nondestructive Evaluation of Materials

The NATO Advanced Research Workshop on Signal Processing and Pattern Recognition in Nondestructive Evaluation (NDE) of Materials was held August 19-22, 1987 at the Manoir St-Castin, Lac Beauport, Quebec, Canada. Modern signal processing, pattern recognition and artificial intelligence have been playing an increasingly important role in improving nondestructive evaluation and testing techniques.

Incommensurate Crystals, Liquid Crystals, and Quasi-Crystals

In this NATO-sponsored Advanced Research Workshop we succeeded in bringing together nearly 40 scientists working in the three main areas of structurally incommensurate materials: incommensurate crystals (primarily ferroelectric insulators), incommensurate liquid crystals, and metallic quasi-crystals.

Additional info for Advances in Cryptology: Proceedings of CRYPTO 84

Sample text

Appropriately choosing the parameters, we can control the density of the resulting knapsack. In particular, the density can be made high enough to foil "low density" attacks against our system. At the moment, we do not know of any attacks capable of "breaking" this system in a reasonable amount of time.

1. INTRODUCTION

In 1976, Diffie and Hellman [7] introduced the idea of public key cryptography, in which two different keys are used: one for encryption, and one for decryption. Each user keeps his decryption key secret, while making the encryption key public, so it can be used by everyone wishing to send messages to him.

It is thus important to use a one-way function that mixes t and m thoroughly (preferably via non-arithmetic and non-invertible operations) and which has a large range of possible values. We believe that with a proper choice of parameters this scheme can be made very secure, but we cannot prove that breaking it is equivalent to solving some well-known computational problem. Its main purpose is didactic, to serve as the first existence proof for identity-based schemes. The Ong-Schnorr-Shamir signature scheme (described elsewhere in these proceedings) can also be used as an identity-based scheme, but its security is still an open problem in light of Pollard’s successful attacks against its earlier versions.