D. Boneh, S. Halevi, and N.A. Howgrave-Graham. The Modular Inversion Hidden Number Problem. In ASIACRYPT 2001. Home/Search Document Details and Download
Summary Related Articles Check |
This paper is cited in the following contexts:
Playing "Hide-and-Seek" in Finite Fields: The Hidden Number.. - Shparlinski (2002) (Correct)
..... k. 8 The exact expression for the complexity of the algorithm of [19] depends on the complexity of linear algebra over and on the density of singular matrices over R. 7 HNP for Inversion Modulo p IF p Inverse HNP Yet another type of the HNP has been introduced and studied in [7]: IF p Inverse HNP: Recover a number # IF p , chosen independently and uniformly at random, we are given k pairs # t i for some # 0. The most essential distinction of the IF p Inverse HNP from the previously mentioned variants of the HNP is its non linearity. Nevertheless, the ....
....Recover a number # IF p , chosen independently and uniformly at random, we are given k pairs # t i for some # 0. The most essential distinction of the IF p Inverse HNP from the previously mentioned variants of the HNP is its non linearity. Nevertheless, the authors of [7] have found a way to linearize this problem and construct two polynomial time algorithms which recover #, provided that # is su#ciently large. One algorithm works with 3 for any # 0, and the authors claim that this algorithm can be rigorously analysed and proved. The other algorithm of [7] ....
[Article contains additional citation context not shown here]
D. Boneh, S. Halevi and N. A. Howgrave-Graham, `The modular inversion hidden number problem', Lect. Notes in Comp. Sci., SpringerVerlag, Berlin, 2248 (2001), 36--51.
Secure Bilinear Diffie-Hellman Bits - Galbraith, Hopkins, Shparlinski (2002) (Correct)
....function. The results follow from several recently established results [19, 26] on the hidden number problem with trace in extension elds. Detailed surveys of bit security results and discussions of their meaning and importance are given in [11, 12] several more recent results can be found in [5 7, 13 16, 19, 25, 26]. We obtain an almost complete analogue of the results of [7, 13] for m = 2 (for example, for the elliptic curves used by Joux [17] and Verheul [28] and much weaker, but nontrivial, results for m 3. For example, in the case that m = 2 and p is a 512 bit prime, our results imply that, if the ....
....t = e(QA ; P pub ) and analogues of Theorems 1 and 2 are obtained. 5 Remarks It remains an open problem to understand the bit security of keys obtained from the protocol TAK 4 of Al Riyami and Paterson [1] We remark that it would be valuable to extend our results (as well as the results of [5 7, 13, 14, 16, 19]) to case when the oracle works correctly only on a polynomially large fraction of all possible inputs. Unfortunately, at the moment it is not clear how to adjust the ideas of [7] underlying all further developments in this area, to work with such unreliable oracles. It has been shown in [13] ....
D. Boneh, S. Halevi and N. A. Howgrave-Graham, `The modular inversion hidden number problem ', Proc. Asiacrypt'
On the Unpredictability of Bits of the Elliptic Curve.. - Boneh, Shparlinski Self-citation (Boneh) (Correct)
....of them [6, 13, 17, 18] However the case where G is the point group of an elliptic curve has turned out to be much harder for applications of the lattice reduction based technique of [5] because of the inherited nonlinearity of the problem. Although some results have recently been obtained in [4] they are much weaker that those known for subgroups of F # p . Here, using a very di#erent technique, we show that working with a certain family of isomorphic curves (rather than with one fixed curve) allows to obtain results that are stronger than those known for subgroups of F # p . By using ....
D. Boneh, S. Halevi and N. A. Howgrave-Graham, `The modular inversion hidden number problem', Preprint , 2001.
On the Unpredictability of Bits of the Elliptic Curve.. - Boneh, Shparlinski Self-citation (Boneh) (Correct)
....of them [6, 13, 17, 18] However the case where G is the point group of an elliptic curve has turned out to be much harder for applications of the lattice reduction based technique of [5] because of the inherited nonlinearity of the problem. Although some results have recently been obtained in [4] they are much weaker that those known for subgroups of F p . Here, using a very di erent technique, we show that working with a certain family of isomorphic curves (rather than with one xed curve) allows to obtain results that are stronger than those known for subgroups of F p . By using ....
D. Boneh, S. Halevi and N. A. Howgrave-Graham, `The modular inversion hidden number problem', Preprint , 2001.
On the Provable Security of an Efficient RSA-Based.. - Steinfeld, Pieprzyk.. (2006) (Correct)
No context found.
D. Boneh, S. Halevi, and N.A. Howgrave-Graham. The Modular Inversion Hidden Number Problem. In ASIACRYPT 2001.
Cryptanalysis of MQV with partially known nonces - Leadbitter, Smart (2002) (1 citation) (Correct)
No context found.
D. Boneh, S. Halevi and N. Howgrave-Graham. The Modular Inversion Hidden Number Problem. In Advances in Cryptology -- ASIACrypt 2001, LNCS 2248, 36-51, 2001
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC