A simple unpredictable pseudo random number generator
SIAM Journal on Computing
On the Generation of Cryptographically Strong Pseudo-Random Sequences
Proceedings of the 8th Colloquium on Automata, Languages and Programming
How discreet is the discrete log?
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
On the cryptographic security of single RSA bits
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
How to generate cryptographically strong sequences of pseudo random bits
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Why and how to establish a private code on a public network
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Trapdoor pseudo-random number generators, with applications to protocol design
SFCS '83 Proceedings of the 24th Annual Symposium on Foundations of Computer Science
Computation of approximate L-th roots modulo n and application to cryptography
CRYPTO '88 Proceedings on Advances in cryptology
Another Method for Attaining Security Against Adaptively Chosen Ciphertext Attacks
CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Dial C for cipher: le chiffrement était presque parfait
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Provably secure key assignment schemes from factoring
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Hi-index | 0.00 |
Cryptographically secure pseudo-random number generators known so far suffer from the handicap of being inefficient; the most efficient ones can generate only one bit on each modular multiplication (n2 steps). Blum, Blum and Shub ask the open problem of outputting even two bits securely. We state a simple condition, the XOR-Condition, and show that any generator satisfying this condition can output logn bits on each multiplication. We also show that the logn least significant bits of RSA, Rabin's Scheme, and the x2 mod N generator satisfy this condition. As a corollary, we prove that all boolean predicates of these bits are secure. Furthermore, we strengthen the security of the x2 mod N generator, which being a Trapdoor Generator, has several applications, by proving it as hard as Factoring.