Let $q > 1$ be an integer and let $a$ and $b$ be elements of the residue ring $\mathbb{Z}_q$ of integers modulo $q$. We show how, when given a polynomial $f \in \mathbb{Z}_q[X]$ and approximations to $v_0, v_1 \in \mathbb{Z}_q$ such that $v_1 = f(v_0) \bmod q$, one can recover $v_0$ and $v_1$ efficiently. This result has direct applications to predicting the polynomial congruential generator: a sequence $(v_n)$ of pseudorandom numbers defined by the relation $v_{n+1} = f(v_n) \bmod q$ for some polynomial $f \in \mathbb{Z}_q[X]$. The applications lead to analogues of results known for the linear congruential generator $x_{n+1} = a x_n + b \bmod q$, although the results are much more restrictive due to the nonlinearity of the problem.