The cryptographic security of truncated linearly related variables

Authors:
J Hastad;A Shamir
Affiliations:
Department of Mathematics, MIT, Cambridge, MA;Department of Applied Mathematics, The Weizmann Institute of Science, Rehovot, Israel
Venue:
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Year:
1985

Citing 3
Cited 12

The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms

The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
How to exchange (secret) keys

ACM Transactions on Computer Systems (TOCS)
Improved algorithms for integer programming and related lattice problems

STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing

A randomized protocol for signing contracts

Communications of the ACM
How to construct random functions

Journal of the ACM (JACM)
Inferring sequences produced by pseudo-random number generators

Journal of the ACM (JACM)
Practical and provably secure release of a secret and exchange of signatures

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Gradual and Verifiable Release of a Secret

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Cryptographic Computation: Secure Faut-Tolerant Protocols and the Public-Key Model

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Secure verifiable non-interactive oblivious transfer protocol using RSA and Bit commitment on distributed environment

Future Generation Computer Systems
Pseudorandom bit generation using coupled congruential generators

IEEE Transactions on Circuits and Systems II: Express Briefs
A new secure oblivious transfer protocol

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V
I forgot your password: randomness attacks against PHP applications

Security'12 Proceedings of the 21st USENIX conference on Security symposium
A new elliptic curve cryptosystem for securing sensitive data applications

International Journal of Electronic Security and Digital Forensics
More efficient oblivious transfer and extensions for faster secure computation

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.02

Visualization

Abstract

In this paper we describe a polynomial time algorithm for computing the values of variables x1, … xk when some of their bits and some linear relationships between them are known. The algorithm is essentially optimal in its use of information in the sense that it can be applied as soon as the values of the xi become uniquely determined by the constraints. Its cryptanalytic significance is demonstrated by two applications: breaking linear congruential generators whose outputs are truncated, and breaking Blum's protocol for exchanging secrets.