Implementation of a key exchange protocol using real quadratic fields (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A course in computational algebraic number theory
A course in computational algebraic number theory
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
A Key Exchange System Based on Real Quadratic Fields
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Cryptographic Protocols Based on Discrete Logarithms in Real-quadratic Orders
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Cryptographic Protocols Based on Real-Quadratic A-fields
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Fast exponentiation with precomputation
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
| Hi-index | 0.01 |
Cryptosystems based on the discrete logarithm problem in the infrastructure of a real quadratic number field [7,19,2] are very interesting from a theoretical point of view, because this problem is known to be at least as hard as, and when considering todays algorithms - as in [11] - much harder than, factoring integers. However it seems that the cryptosystems sketched in [2] have not been implemented yet and consequently it is hard to evaluate the practical relevance of these systems. Furthermore as [2] lacks any proofs regarding the involved approximation precisions, it was not clear whether the second communication round, as required in [7,19], really could be avoided without substantial slowdown. In this work we will prove a bound for the necessary approximation precision of an exponentiation using quadratic numbers in power product representation and show that the precision given in [2] can be lowered considerably. As the highly space consuming power products can not be applied in environments with limited RAM, we will propose a simple (CRIAD1-) arithmetic which entirely avoids these power products. Beside the obvious savings in terms of space this method is also about 30% faster. Furthermore one may apply more sophisticated exponentiation techniques, which finally result in a ten-fold speedup compared to [2].