We show that computing the most significant bits of the secret key in a Diffie-Hellman key-exchange protocol from the public keys of the participants is as hard as computing the secret key itself. This is done by studying the following hidden number problem: given an oracle O_α(x) that on input x computes the k most significant bits of α · g^x mod p, find α modulo p. Our solution can be used to show the hardness of MSBs in other schemes such as ElGamal's public key system, Shamir's message passing scheme and Okamoto's conference key sharing scheme. Our results lead us to suggest a new variant of Diffie-Hellman key exchange (and other systems), for which we prove the most significant bit is hard to compute.
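The reduction described in the abstract, as an added worked example (this is illustrative code written for this page, not the paper's own). An adversary holding an oracle that returns the k most significant bits of a Diffie-Hellman secret is given g^a and g^b; it queries the oracle on g^a · g^x for random x and learns MSB_k(g^(a+x)b) = MSB_k(α · (g^b)^x) with α = g^ab, which is exactly the hidden number problem with known multipliers t = (g^b)^x. The paper solves that problem by lattice reduction; the code below does the same with a small pure-Python LLL over a Kannan-embedded lattice. Everything concrete here is an assumption of the example: the toy prime P = 2^31 - 1, base G = 7, the leak size K = 18, the query count D = 5, the centred MSB bound, and the oracle itself, which is simulated using the other party's secret b in place of a real black box.

```python
"""Added example, not from the paper: the MSB-of-Diffie-Hellman to
hidden-number-problem reduction, with the HNP solved by a toy LLL.
All parameters (P, G, K, D) are constructed toy values."""
import random
from fractions import Fraction

P = 2**31 - 1              # Mersenne prime, so p ~ 2^31 and bit truncation matches MSB_k
G = 7                      # a primitive root mod P (the attack does not need one)
K = 18                     # bits the oracle leaks per query
D = 5                      # oracle queries; the lattice step wants roughly D*(K+1) > log2(P)
LOW = P.bit_length() - K   # bits the oracle hides
HALF = 1 << (LOW - 1)      # |y - (MSB_k(y) + HALF)| <= HALF for every y < 2^31


def msb_k(y):
    """MSB_k(y): y with its LOW least significant bits cleared."""
    return (y >> LOW) << LOW


def make_dh_msb_oracle(b):
    """Simulated oracle: on input g^a it returns MSB_k(g^{ab}).  In the paper this
    is the attacker's black box; here it is simulated with the secret b."""
    return lambda ga: msb_k(pow(ga, b, P))


def lll(basis, delta=Fraction(3, 4)):
    """Textbook LLL on integer row vectors using exact rational arithmetic."""
    b = [[Fraction(v) for v in row] for row in basis]
    n = len(b)
    dot = lambda u, v: sum(x * y for x, y in zip(u, v))

    def gram_schmidt():
        bstar, mu = [], [[Fraction(0)] * n for _ in range(n)]
        for i in range(n):
            v = b[i][:]
            for j in range(i):
                mu[i][j] = dot(b[i], bstar[j]) / dot(bstar[j], bstar[j])
                v = [s - mu[i][j] * t for s, t in zip(v, bstar[j])]
            mu[i][i] = Fraction(1)
            bstar.append(v)
        return bstar, mu

    bstar, mu = gram_schmidt()
    k = 1
    while k < n:
        for j in range(k - 1, -1, -1):          # size-reduce b_k against b_j
            q = round(mu[k][j])
            if q:
                b[k] = [s - q * t for s, t in zip(b[k], b[j])]
                for i in range(j + 1):
                    mu[k][i] -= q * mu[j][i]
        lhs = dot(bstar[k], bstar[k])
        rhs = (delta - mu[k][k - 1] ** 2) * dot(bstar[k - 1], bstar[k - 1])
        if lhs >= rhs:                          # Lovasz condition holds
            k += 1
        else:                                   # swap and recompute Gram-Schmidt
            b[k], b[k - 1] = b[k - 1], b[k]
            bstar, mu = gram_schmidt()
            k = max(k - 1, 1)
    return [[int(v) for v in row] for row in b]


def solve_hnp(samples):
    """samples: (t_i, a_i) with a_i = MSB_k(alpha * t_i mod p).  Returns alpha.
    Rows: scale*p*e_i, (scale*t_1..t_d, 1, 0), and the embedded target
    (scale*c_1..c_d, 0, p) with c_i the centred leak.  The lattice vector
    alpha*row_{d+1} - target, reduced mod p, has every entry of size about p,
    far shorter than any other vector with a non-zero last coordinate."""
    d = len(samples)
    scale = 1 << (K + 1)                        # scale*HALF = 2^31 ~ p
    rows = [[scale * P if j == i else 0 for j in range(d + 2)] for i in range(d)]
    rows.append([scale * t for t, _ in samples] + [1, 0])
    rows.append([scale * (a + HALF) for _, a in samples] + [0, P])
    for row in lll(rows):
        if row[-1] == 0 or row[-1] % P:
            continue
        m = -row[-1] // P                       # row = m*(target vector) + vector with last coord 0
        cand = row[-2] * pow(m % P, -1, P) % P
        if all(abs(cand * t % P - (a + HALF)) <= HALF for t, a in samples):
            return cand
    return None


def attack(ga, gb, oracle, rng):
    """The paper's reduction: MSB_k(g^{(a+x)b}) = MSB_k(alpha * (g^b)^x), so each
    query with random x is one HNP sample with t = (g^b)^x."""
    samples = []
    for _ in range(D):
        x = rng.randrange(1, P - 1)
        samples.append((pow(gb, x, P), oracle(ga * pow(G, x, P) % P)))
    return solve_hnp(samples)


def demo(seed=1):
    """Constructed instance: returns (true secret g^{ab}, recovered value)."""
    rng = random.Random(seed)
    a, b = rng.randrange(1, P - 1), rng.randrange(1, P - 1)
    ga, gb = pow(G, a, P), pow(G, b, P)
    return pow(G, a * b, P), attack(ga, gb, make_dh_msb_oracle(b), rng)


if __name__ == "__main__":
    secret, found = demo()
    print(f"g^ab = {secret}, recovered = {found}")
```

The attacker never sees a or b, only g^a, g^b and D answers from the MSB oracle; because the D short error terms are all bounded by p/2^(k+1), the vector built from the true α is the unique short vector with last coordinate ±p, and LLL in dimension D+2 finds it once D(k+1) exceeds log2 p by a comfortable margin. At real key sizes the same construction needs a proper lattice library (the Fraction-based LLL above is only for readability) and the paper's analysis gives the number of bits and queries for which the argument is rigorous.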