Topics in Cryptology — CT-RSA 2001

In [7], a Schnorr-type signature scheme based on non-maximal imaginary quadratic orders was proposed, whose signature generation is, for the same conjectured level of security, about twice as fast as in the original scheme [15]. In this work we significantly improve upon this result by speeding up the generation of NICE-Schnorr-type signatures by another factor of two. While [7] used the surjective homomorphism $\mathbb{F}_p \otimes \mathbb{F}_p \to \mathrm{Ker}(\phi_{Cl}^{-1})$ to generate signatures by two modular exponentiations, we show that there is an efficiently computable isomorphism $\mathbb{F}_p \cong \mathrm{Ker}(\phi_{Cl}^{-1})$ in this case, which makes the signature generation about four times as fast as in the original Schnorr scheme [15].

[1] Rafail Ostrovsky, et al. Replication is not needed: single database, computationally-private information retrieval, 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[2] Yechezkel Zalcstein, et al. The Complexity of Grigorchuk Groups with Application to Cryptography, 1991, Theor. Comput. Sci.

[3] Kaoru Kurosawa, et al. Attack for Flash MIX, 2000, ASIACRYPT.

[4] Holger Orup, et al. VICTOR an Efficient RSA Hardware Implementation, 1991, EUROCRYPT.

[5] Markus Jakobsson, et al. Mix and Match: Secure Function Evaluation via Ciphertexts, 2000, ASIACRYPT.

[6] Rafail Ostrovsky, et al. Private Information Storage, 1996, IACR Cryptol. ePrint Arch.

[7] J. Olivos, et al. Speeding up the computations on an elliptic curve using addition-subtraction chains, 1990, RAIRO Theor. Informatics Appl.

[8] Michael K. Reiter, et al. Crowds: anonymity for Web transactions, 1998, TSEC.

[9] Mark Shand, et al. Fast implementations of RSA cryptography, 1993, Proceedings of IEEE 11th Symposium on Computer Arithmetic.

[10] Patrick Dehornoy, et al. A Fast Method for Comparing Braids, 1997.

[11] Duncan A. Buell, et al. Splash 2 - FPGAs in a custom computing machine, 1996.

[12] Adi Shamir, et al. A method for obtaining digital signatures and public-key cryptosystems, 1978, CACM.

[13] Masayuki Abe, et al. A Length-Invariant Hybrid Mix, 2000, ASIACRYPT.

[14] Shimon Even. Systolic Modular Multiplication, 1990, CRYPTO.

[15] Seif Haridi, et al. Distributed Algorithms, 1992, Lecture Notes in Computer Science.

[16] Paul C. van Oorschot, et al. On Diffie-Hellman Key Agreement with Short Exponents, 1996, EUROCRYPT.

[17] A. Tiountchik. Systolic modular exponentiation via Montgomery algorithm, 1998.

[18] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, 1991, CRYPTO.

[19] Colin D. Walter, et al. Hardware Implementation of Montgomery's Modular Multiplication Algorithm, 1993, IEEE Trans. Computers.

[20] Michael K. Reiter, et al. Anonymous Web transactions with Crowds, 1999, CACM.

[21] Jörg Sauerbrey, et al. A Modular Exponentiation Unit Based on Systolic Arrays, 1992, AUSCRYPT.

[22] Atsuko Miyaji, et al. Efficient elliptic curve exponentiation, 1997, ICICS.

[23] Burton S. Kaliski, et al. A Cryptographic Library for the Motorola DSP56000, 1991, EUROCRYPT.

[24] Torben P. Pedersen. A Threshold Cryptosystem without a Trusted Party (Extended Abstract), 1991, EUROCRYPT.

[25] Stephen E. Eldridge. A faster modular multiplication algorithm, 1991, Int. J. Comput. Math.

[26] P. L. Montgomery. Modular multiplication without trial division, 1985.

[27] J. Solinas. CORR 99-39 Generalized Mersenne Numbers, 1999.

[28] Kazue Sako, et al. Fault tolerant anonymous channel, 1997, ICICS.

[29] Birgit Pfitzmann, et al. How to Break the Direct RSA-Implementation of Mixes, 1990, EUROCRYPT.

[30] T. Elgamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, CRYPTO 1984.