Remote Access Mathematics of Computation
Green Open Access

Mathematics of Computation

ISSN 1088-6842(online) ISSN 0025-5718(print)

Request Permissions   Purchase Content 
 
 

 

Indifferentiable deterministic hashing to elliptic and hyperelliptic curves


Authors: Reza R. Farashahi, Pierre-Alain Fouque, Igor E. Shparlinski, Mehdi Tibouchi and J. Felipe Voloch
Journal: Math. Comp. 82 (2013), 491-512
MSC (2010): Primary 11T23, 11T71, 14G50
DOI: https://doi.org/10.1090/S0025-5718-2012-02606-8
Published electronically: April 24, 2012
MathSciNet review: 2983033
Full-text PDF

Abstract | References | Similar Articles | Additional Information

Abstract: At Crypto 2010, Brier et al. proposed the first construction of a hash function into ordinary elliptic curves that was indifferentiable from a random oracle, based on Icart's deterministic encoding from Crypto 2009. Such a hash function can be plugged into essentially any cryptosystem that requires hashing into elliptic curves, while not compromising proofs of security in the random oracle model. However, the proof relied on relatively involved tools from algebraic geometry, and only applied to Icart's deterministic encoding from Crypto 2009.

In this paper, we present a new, simpler technique based on bounds of character sums to prove the indifferentiability of similar hash function constructions based on any of the known deterministic encodings to elliptic curves or curves of higher genus, such as the algorithms by Shallue, van de Woestijne and Ulas, or the Icart-like encodings recently presented by Kammerer, Lercier and Renault. In particular, we get the first constructions of well-behaved hash functions to Jacobians of hyperelliptic curves.

Our technique also provides more precise estimates on the statistical behavior of those deterministic encodings and the hash function constructions based on them. Additionally, we can derive pseudorandomness results for partial bit patterns of such encodings.


References [Enhancements On Off] (What's this?)

  • 1. J. Baek and Y. Zheng.
    Identity-based threshold decryption.
    In F. Bao, R. H. Deng, and J. Zhou, editors. PKC 2004, volume 2947 of Lecture Notes in Computer Science, pages 262-276. Springer, 2004. MR 2095652
  • 2. P. S. L. M. Barreto and M. Naehrig.
    Pairing-friendly elliptic curves of prime order.
    In B. Preneel and S. E. Tavares, editors, Selected Areas in Cryptography, volume 3897 of Lecture Notes in Computer Science, pages 319-331. Springer, 2005. MR 2241646 (2007d:94026)
  • 3. A. Boldyreva.
    Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme.
    In Y. Desmedt, editor, PKC 2003, volume 2567 of Lecture Notes in Computer Science, pages 31-46. Springer, 2002. MR 2171915 (2006h:94168)
  • 4. E. Bombieri.
    On exponential sums in finite fields.
    In Les Tendances Géom. en Algèbre et Théorie des Nombres, pages 37-41. Éditions du Centre National de la Recherche Scientifique, Paris, 1966. MR 0204413 (34:4255)
  • 5. D. Boneh and M. K. Franklin.
    Identity-based encryption from the Weil pairing.
    In J. Kilian, editor, CRYPTO, volume 2139 of Lecture Notes in Computer Science, pages 213-229. Springer, 2001. MR 1931424 (2003h:94054)
  • 6. D. Boneh, C. Gentry, B. Lynn, and H. Shacham.
    Aggregate and verifiably encrypted signatures from bilinear maps.
    In E. Biham, editor, EUROCRYPT, volume 2656 of Lecture Notes in Computer Science, pages 416-432. Springer, 2003 MR 2090433 (2005d:94084)
  • 7. D. Boneh, B. Lynn, and H. Shacham.
    Short signatures from the Weil pairing.
    In C. Boyd, editor, ASIACRYPT, volume 2248 of Lecture Notes in Computer Science, pages 514-532. Springer, 2001. MR 1934861 (2004a:94051)
  • 8. C. Boyd, P. Montague and K.Q. Nguyen.
    Elliptic Curve Based Password Authenticated Key Exchange Protocols.
    In ACISP 2001, volume 2119 of Lecture Notes in Computer Science, pages 487-501. Springer, 2001.
  • 9. X. Boyen.
    Multipurpose identity-based signcryption (a swiss army knife for identity-based cryptography).
    In D. Boneh, editor, CRYPTO, volume 2729 of Lecture Notes in Computer Science, pages 383-399. Springer, 2003. MR 2093205 (2005f:94083)
  • 10. E. Brier, J.-S. Coron, T. Icart, D. Madore, H. Randriam, and M. Tibouchi.
    Efficient indifferentiable hashing into ordinary elliptic curves.
    In T. Rabin, editor, CRYPTO, volume 6223 of Lecture Notes in Computer Science, pages 237-254. Springer, 2010.
  • 11. J. C. Cha and J. H. Cheon.
    An identity-based signature from gap Diffie-Hellman groups.
    Y. Desmedt, editor. PKC 2003, volume 2567 of Lecture Notes in Computer Science, pages 18-30. Springer, 2002. MR 2171914 (2006i:94080)
  • 12. H. Chabanne and M. Tibouchi.
    Securing e-passports with elliptic curves.
    IEEE Security & Privacy, 9(2):75-78, 2011.
  • 13. J.-M. Couveignes and J.-G. Kammerer.
    The geometry of flex tangents to a cubic curve and its parameterizations.
    Cryptology ePrint Archive, Report 2011/033, 2011.
    http://eprint.iacr.org/.
  • 14. M. Drmota and R. Tichy.
    Sequences, discrepancies and applications.
    Springer-Verlag, Berlin, 1997. MR 1470456 (98j:11057)
  • 15. R. R. Farashahi.
    Hashing into Hessian curves.
    In A. Nitaj and D. Pointcheval, editors, AFRICACRYPT, volume 6737 of Lecture Notes in Computer Science, pages 278-289. Springer, 2011.
  • 16. R. R. Farashahi, I. E. Shparlinski and J. F. Voloch.
    On hashing into elliptic curves.
    J. Math. Cryptology, 3(4):353-360, 2009. MR 2608601 (2011j:11112)
  • 17. P.-A. Fouque and M. Tibouchi.
    Deterministic encoding and hashing to odd hyperelliptic curves.
    In M. Joye, A. Miyaji and A. Otsuka, editors, Pairing 2010, volume 6487 of Lecture Notes in Computer Science, pages 265-277. Springer, 2010.
  • 18. P.-A. Fouque and M. Tibouchi.
    Estimating the size of the image of deterministic hash functions to elliptic curves.
    In M. Abdalla and P. Baretto, editors, LATINCRYPT, volume 6212 of Lecture Notes in Computer Science, pages 81-91. Springer, 2010.
  • 19. C. Gentry and A. Silverberg.
    Hierarchical ID-based cryptography.
    In Y. Zheng, editor. Advances in Cryptology - ASIACRYPT 2002, volume 2501 of Lecture Notes in Computer Science, pages 548-566. Springer, 2002. MR 2087407 (2005d:94104)
  • 20. J. Horwitz and B. Lynn.
    Toward hierarchical identity-based encryption.
    In L. R. Knudsen, editor, EUROCRYPT, volume 2332 of Lecture Notes in Computer Science, pages 466-481. Springer, 2002. MR 1975549
  • 21. T. Icart.
    How to hash into elliptic curves.
    In S. Halevi, editor, CRYPTO, volume 5677 of Lecture Notes in Computer Science, pages 303-316. Springer, 2009. MR 2556964
  • 22. H. Iwaniec and E. Kowalski.
    Analytic number theory.
    Amer. Math. Soc., Providence, RI, 2004. MR 2061214 (2005h:11005)
  • 23. J.-G. Kammerer, R. Lercier, and G. Renault.
    Encoding points on hyperelliptic curves over finite fields in deterministic polynomial time.
    In M. Joye, A. Miyaji and A. Otsuka, editors, Pairing 2010, volume 6487 of Lecture Notes in Computer Science, pages 278-297. Springer, 2010.
  • 24. D. R. Kohel and I. Shparlinski.
    On exponential sums and group generators for elliptic curves over finite fields.
    In W. Bosma, editor, ANTS, volume 1838 of Lecture Notes in Computer Science, pages 395-404. Springer, 2000. MR 1850620 (2003c:11094)
  • 25. B. Libert and J.-J. Quisquater.
    Efficient signcryption with key privacy from gap Diffie-Hellman groups.
    In F. Bao, R. H. Deng, and J. Zhou, editors. PKC 2004, volume 2947 of Lecture Notes in Computer Science, pages 187-200. Springer, 2004. MR 2095647
  • 26. R. Lidl and H. Niederreiter.
    Finite fields.
    Cambridge Univ. Press, Cambridge, 1997. MR 1429394 (97i:11115)
  • 27. U. M. Maurer, R. Renner, and C. Holenstein.
    Indifferentiability, impossibility results on reductions, and applications to the random oracle methodology.
    In M. Naor, editor, TCC, volume 2951 of Lecture Notes in Computer Science, pages 21-39. Springer, 2004. MR 2146712 (2006i:94094)
  • 28. T. Ristenpart, H. Shacham, and T. Shrimpton.
    Careful with composition: Limitations of the indifferentiability framework.
    In K. G. Paterson, editor, EUROCRYPT, volume 6632 of Lecture Notes in Computer Science, pages 487-506. Springer, 2011.
  • 29. M. Rosen.
    Number Theory in Function Fields, volume 210 of Graduate Texts in Mathematics.
    Springer, 2002. MR 1876657 (2003d:11171)
  • 30. A. Shallue and C. van de Woestijne.
    Construction of rational points on elliptic curves over finite fields.
    In F. Hess, S. Pauli, and M. E. Pohst, editors, ANTS, volume 4076 of Lecture Notes in Computer Science, pages 510-524. Springer, 2006. MR 2282946 (2007k:11095)
  • 31. M. Skałba.
    Points on elliptic curves over finite fields.
    Acta Arith., 117(3):293-301, 2005. MR 2139009 (2006d:11066)
  • 32. M. Ulas.
    Rational points on certain hyperelliptic curves over finite fields.
    Bull. Polish Acad. Sci. Math., 55(2):97-104, 2007. MR 2318631 (2008f:11037)
  • 33. A. Weil.
    Basic number theory.
    Classics in Mathematics. Springer-Verlag, Berlin, 1995. MR 1344916 (96c:11002)
  • 34. F. Zhang and K. Kim.
    ID-based blind signature and ring signature from pairings.
    In Y. Zheng, editor. Advances in Cryptology - ASIACRYPT 2002, volume 2501 of Lecture Notes in Computer Science, pages 533-547. Springer, 2002. MR 2087406 (2005d:94147)

Similar Articles

Retrieve articles in Mathematics of Computation with MSC (2010): 11T23, 11T71, 14G50

Retrieve articles in all journals with MSC (2010): 11T23, 11T71, 14G50


Additional Information

Reza R. Farashahi
Affiliation: Macquarie University, Department of Computing, North Ryde, Sydney, NSW 2109, Australia— and — Isfahan University of Technology, Department of Mathematical Sciences, P.O. Box 85145 Isfahan, Iran
Email: reza.farashahi@mq.edu.au

Pierre-Alain Fouque
Affiliation: École normale supérieure, Département d’informatique, Équipe de cryptographie, 45 rue d’Ulm, f-75230 Paris Cedex 05, France
Email: pierre-alain.fouque@ens.fr

Igor E. Shparlinski
Affiliation: Macquarie University, Department of Computing, North Ryde, Sydney, NSW 2109, Australia
Email: igor.shparlinski@mq.edu.au

Mehdi Tibouchi
Affiliation: École normale supérieure, Département d’informatique, Équipe de cryptographie, 45 rue d’Ulm, f-75230 Paris Cedex 05, France
Address at time of publication: NTT Information Sharing Platform Labs, 3-9-11 Midori-cho, Musashino-shi Tokyo, 180-8585, Japan
Email: tibouchi.mehdi@lab.ntt.co.jp

J. Felipe Voloch
Affiliation: University of Texas, Department of Mathematics, Austin, Texas 78712
Email: voloch@math.utexas.edu

DOI: https://doi.org/10.1090/S0025-5718-2012-02606-8
Keywords: Elliptic curve cryptography, hashing, random oracle model, exponential sums, pseudorandomness
Received by editor(s): February 4, 2011
Received by editor(s) in revised form: August 8, 2011
Published electronically: April 24, 2012
Article copyright: © Copyright 2012 American Mathematical Society

American Mathematical Society