In this work we give a non-trivial upper bound on the spectral norm of various Boolean predicates of the Diffie-Hellman function. For instance, we consider every individual bit and arbitrary unbiased intervals. Combining the bound with recent results from complexity theory we can rule out the possibility that a Boolean function with a too small spectral norm can be represented by simple functions like sparse polynomials over the reals, depth-2 threshold circuits with a small number of gates or Boolean decision trees of small rank. These results give a provable indication of the hardness of computing even a Boolean predicate of the Diffie-Hellman Function in various restricted models of computation.

We obtain lower bounds on the linear and nonlinear complexity profile of a general nonlinear pseudorandom number generator, of the inversive generator, and of a new nonlinear generator called quadratic exponential generator. Keywords Nonlinear pseudorandom number generators, inversive generator, quadratic exponential generator, (non-)linear complexity profile I.

Given a cyclic group G and a generator g, the Diffie-Hellman function (DH) maps two group elements (g a ; g b ) to g ab . For many groups G this function is assumed to be hard to compute. We generalize this function to the P -Diffie-Hellman function (P-DH) that maps two group elements (g a ; g b ) to g P (a;b) for a (non-linear) polynomial P in a and b.

We obtain new lower bounds on the linear complexity of several consecutive values of the discrete logarithm modulo a prime p. These bounds generalize and improve several previous results. Keywords: Discrete logarithm, Linear recurrence sequences, Linear complexity 1 1

Recently, the first author introduced some cryptographic functions closely related to the Diffie-Hellman problem called P -Diffie-Hellman functions. We show that the existence of a low degree polynomial representing a P -Diffie-Hellman function on a large set would lead to an efficient algorithm for solving the Diffie-Hellman problem. Motivated by this result we prove lower bounds on the degree of such interpolation polynomials. 1

In this paper, we study various combinatorial complexity characteristics of Boolean functions related to some natural arithmetic problems about polynomials over IF 2 . In particular, we consider the Boolean function deciding whether a given polynomial over IF 2 is squarefree. We obtain an exponential lower bound on the size of a decision tree for this function, and derive an asymptotic formula, having a linear main term, for its average sensitivity. This allows us to estimate other complexity characteristics such as the formula size, the average decision tree depth and the degrees of exact and approximative polynomial representations of this function. Finally, using a di#erent method, we show that squarefree testing and deciding irreducibility of polynomials over IF 2 are not in AC

Abstract. Let p be a odd prime such that 2 is a primitive element of finite field Fp. In this short note we propose a new algorithm for the computation of discrete logarithm in F ∗ p.

Given a prime p, we consider the dynamical system generated by repeated exponentiations modulo p, that is, by the map u ↦ → fg(u), where fg(u) ≡ g u (mod p) and 0 � fg(u) � p − 1. This map is in particular used in a number of constructions of cryptographically secure pseudorandom generators. We obtain nontrivial upper bounds on the number of fixed points and short cycles in the above dynamical system. 1

Abstract. Let p be a odd prime such that 2 is a primitive element of finite field Fp. In this short note we propose a new algorithm for the computation of discrete logarithm in F ∗ p. This algorithm is based on elementary properties of finite fields and is purely theoretical in nature.