A public key cryptosystem and a signature scheme based on discrete logarithms
Proceedings of CRYPTO 84 on Advances in cryptology
Computing roots in finite fields and groups, with a jaunt through sums of digits
Computing roots in finite fields and groups, with a jaunt through sums of digits
The Relationship Between Breaking the Diffie--Hellman Protocol and Computing Discrete Logarithms
SIAM Journal on Computing
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Diffie-Hillman is as Strong as Discrete Log for Certain Primes
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Algorithms
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Tool Box of Cryptographic Functions Related to the Diffie-Hellman Function
INDOCRYPT '01 Proceedings of the Second International Conference on Cryptology in India: Progress in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Number-theoretic constructions of efficient pseudo-random functions
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Publicly verifiable secret sharing
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
| Hi-index | 0.01 |
The Computational Diffie-Hellman problem and its decisional variant are at the heart of many cryptographic applications. Yet, their exact computational power and their relationship to the Discrete Logarithm problem and the Decision Diffie-Hellman problem (DDH) is not fully understood in all settings. In order to extend the current understanding of the problem we introduce a new decision problem that we call the Jacobi Discrete Logarithm problem. We argue that this is a natural problem and we analyze it in groups in which Decision Diffie-Hellman (DDH) is believed to be intractable. In short, the JDL problem is to return the Jacobi symbol of the exponent x in gx. We show that JDL is random self-reducible and that it lies in between the Computational Diffie-Hellman (CDH) problem and DDH. Our analysis involves the notion of a powering oracle. Maurer and Wolf showed that a squaring oracle that returns $g^{u^2}$ on input gu is actually equivalent to a DH oracle. It is weaker in the sense that it can be posed as a specialized DH oracle that need only respond correctly when u = v. In this paper we extend the study of the relationships between Diffie-Hellman and oracles for problems which manipulate or give partial information about the index of their input. We do so by presenting a reduction that shows that a powering oracle that responds with $g^{u^a} mod P$ when given gu for an unknown a that is poly-logarithmic in p, is equivalent to DH. Technically, our reduction utilizes the inverse of a particular type of Vandermonde matrix. This inverse matrix has recursively defined entries. Implications for large values of a are also given.