New Public-Key Schemes Based on Elliptic Curves over the Ring Zn

Three new trapdoor one-way functions are proposed that are based on elliptic curves over the ring Zn. The first class of functions is a naive construction, which can be used only in a digital signature scheme, and not in a public-key cryptosystem. The second, preferred class of function, does not suffer from this problem and can be used for the same applications as the RSA trapdoor one-way function, including zero-knowledge identification protocols. The third class of functions has similar properties to the Rabin trapdoor one-way functions. Although the security of these proposed schemes is based on the difficulty of factoring n, like the RSA and Rabin schemes, these schemes seem to be more secure than those schemes from the viewpoint of attacks without factoring such as low multiplier attacks. The new schemes are somewhat less efficient than the RSA and Rabin schemes.

[1]  Arjen K. Lenstra,et al.  Factoring With Two Large Primes , 1990, EUROCRYPT.

[2]  David Chaum,et al.  Attacks on Some RSA Signatures , 1985, CRYPTO.

[3]  Ueli Maurer,et al.  Fast Generation of Secure RSA-Moduli with Almost Maximal Diversity , 1990, EUROCRYPT.

[4]  Alfred Menezes,et al.  Reducing elliptic curve logarithms to logarithms in a finite field , 1991, STOC '91.

[5]  N. Koblitz A Course in Number Theory and Cryptography , 1987 .

[6]  Gary L. Miller Riemann's Hypothesis and Tests for Primality , 1976, J. Comput. Syst. Sci..

[7]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[8]  Arjen K. Lenstra,et al.  Factoring with two large primes (extended abstract) , 1991 .

[9]  Gary L. Miller,et al.  On taking roots in finite fields , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[10]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[11]  Joe Kilian,et al.  Almost all primes can be quickly certified , 1986, STOC '86.

[12]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[13]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[14]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[15]  Johan Håstad,et al.  On Using RSA with Low Exponent in a Public Key Network , 1985, CRYPTO.

[16]  Alfred Menezes,et al.  Reducing elliptic curve logarithms to logarithms in a finite field , 1993, IEEE Trans. Inf. Theory.

[17]  M. Rabin Probabilistic algorithm for testing primality , 1980 .

[18]  Evangelos Kranakis Primality and cryptography , 1986, Wiley-Teubner series in computer science.

[19]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[20]  Burton S. Kaliski,et al.  A Pseudo-Random Bit Generator Based on Elliptic Logarithms , 1986, CRYPTO.

[21]  R. Schoof Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p , 1985 .

[22]  Ueli Maurer,et al.  Non-interactive Public-Key Cryptography , 1991, EUROCRYPT.

[23]  J. Stein Computational problems associated with Racah algebra , 1967 .

[24]  Arjen K. Lenstra,et al.  The number field sieve , 1990, STOC '90.

[25]  G. J. Simmons,et al.  Preliminary Comments on the M.I.T. Public-Key Cryptosystem , 1977, Cryptologia.