Mathematics of Computation

Author(s): Maria Isabel González Vasco; Igor E. Shparlinski.
Journal: Math. Comp. 71 (2002), 333-342.
MSC (2000): Primary 94A60; Secondary 11T23, 11T71
Posted: June 14, 2001
Retrieve article in: PDF
This article is available free of charge

Boneh and Venkatesan have recently proposed a polynomial time algorithm for recovering a ``hidden'' element $\alpha$ of a finite field $\mathbb{F}_p$ of

elements from rather short strings of the most significant bits of the remainder modulo

of $\alpha t$ for several values of

selected uniformly at random from $\mathbb{F}_p^*$ . Unfortunately the applications to the computational security of most significant bits of private keys of some finite field exponentiation based cryptosystems given by Boneh and Venkatesan are not quite correct. For the Diffie-Hellman cryptosystem the result of Boneh and Venkatesan has been corrected and generalized in our recent paper. Here a similar analysis is given for the Shamir message passing scheme. The results depend on some bounds of exponential sums.

1.: D. Boneh and R. Venkatesan, Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1109 (1996), 129-142.
2.: M. I. González Vasco and M. Näslund, A survey of hard core functions, Proc. Workshop on Cryptography and Computational Number Theory, Singapore 1999, Birkhäuser, 2001, 227-256.
3.: M. I. González Vasco and I. E. Shparlinski, On the security of Diffie-Hellman bits, Proc. Workshop on Cryptography and Computational Number Theory, Singapore 1999, Birkhäuser, 2001, 257-268.
4.: S. V. Konyagin and I. E. Shparlinski, Character sums with exponential functions and their applications, Cambridge Univ. Press, Cambridge, 1999.MR 2000h:11089
5.: A. K. Lenstra, H. W. Lenstra and L. Lovász, Factoring polynomials with rational coefficients, Mathematische Annalen, 261 (1982), 515-534. MR 84a:12002
6.: R. Kannan, Algorithmic geometry of numbers, Annual Review of Comp. Sci., 2 (1987), 231-267. MR 89a:11131
7.: N. M. Korobov, `On the distribution of digits in periodic fractions', Math. USSR - Sbornik, 18 (1972), 659-676. MR 59:12619
8.: D. Micciancio, On the hardness of the shortest vector problem, PhD Thesis, MIT, 1998.
9.: A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, Boca Raton, FL, 1997. MR 99g:94015
10.: P. Nguyen and J. Stern, Lattice reduction in cryptology: An update, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1838 (2000), 85-112.
11.: H. Niederreiter, Quasi-Monte Carlo methods and pseudo-random numbers, Bull. Amer. Math. Soc., 84 (1978), 957-1041. MR 80d:65016
12.: K. Prachar, Primzahlverteilung, Springer-Verlag, Berlin, 1957. MR 19:393b
13.: C. P. Schnorr, A hierarchy of polynomial time basis reduction algorithms, Theor. Comp. Sci., 53 (1987), 201-224. MR 89h:11085
14.: I. M. Vinogradov, Elements of number theory, Dover Publ., New York, 1954. MR 19:933e

Retrieve articles in Mathematics of Computation with MSC (2000): 94A60, 11T23, 11T71

Maria Isabel González Vasco
Affiliation: Department of Mathematics, University of Oviedo, Oviedo, 33007, Spain
Email: mvasco@orion.ciencias.uniovi.es

Igor E. Shparlinski
Affiliation: Dept. of Computing, Macquarie University, Sydney, NSW 2109, Australia
Email: igor@ics.mq.edu.au

DOI: 10.1090/S0025-5718-01-01358-8
PII: S 0025-5718(01)01358-8
Keywords: Shamir message passing scheme, bit security, exponential sums, cryptography
Received by editor(s): May 18, 2000
Posted: June 14, 2001
Copyright of article: Copyright 2001, American Mathematical Society

			Journals Home Search Author Info Subscribe Tech Support Help
ISSN 1088-6842(e) ISSN 0025-5718(p)

Previous issue \| Table of contents \| Next issue Articles in press \| Recently posted articles \| Most recent issue \| All issues Previous Article \| Next Article


	Comments: webmaster@ams.org © Copyright 2009, American Mathematical Society Privacy Statement		Search the AMS