Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract)

We introduce the notion of a black box field and present several algorithms for manipulating such fields. Black box fields arise naturally in cryptography and our algorithms have several cryptographic implications. First, our results show that any algebraically homomorphic cryptosystem can be broken in sub-exponential time. The existence of such cryptosystems was posed as an open problem in [12]. Second, we show that over elliptic (or hyperelliptic) curves the hardness of computing discrete-log implies the security of the Diffie-Hellman protocol. This provable security of the Diffie-Hellman protocol over elliptic curves demonstrates an additional advantage of elliptic curve cryptosystems over conventional ones. Finally, we prove that manipulating black box fields over the rationals is as hard as factoring integers.

[1] Victor Shoup, et al. Lower Bounds for Discrete Logarithms and Related Problems, 1997, EUROCRYPT.

[2] V. Nechaev. Complexity of a determinate algorithm for the discrete logarithm, 1994.

[3] Alfred Menezes, et al. Reducing elliptic curve logarithms to logarithms in a finite field, 1991, STOC '91.

[4] Joseph H. Silverman, et al. The arithmetic of elliptic curves, 1986, Graduate texts in mathematics.

[5] Ueli Maurer, et al. Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms, 1994, CRYPTO.

[6] Leonard M. Adleman, et al. A subexponential algorithm for discrete logarithms over the rational subgroup of the jacobians of large genus hyperelliptic curves over finite fields, 1994, ANTS.

[7] Richard J. Lipton, et al. Straight-line complexity and integer factorization, 1994, ANTS.

[8] Victor S. Miller, et al. Use of Elliptic Curves in Cryptography, 1985, CRYPTO.

[9] R. Schoof. Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p, 1985.

[10] Henri Cohen, et al. A course in computational algebraic number theory, 1993, Graduate texts in mathematics.

[11] N. G. (Dick) de Bruijn. On the number of positive integers $\leq x$ and free of prime factors $>y$, 1951.

[12] N. Koblitz. Elliptic curve cryptosystems, 1987.

[13] H. Davenport. On the Distribution of Quadratic Residues (mod p), 1931.

[14] H. W. Lenstra, et al. Factoring integers with elliptic curves, 1987.

[15] Ivan Damgård, et al. On the Randomness of Legendre and Jacobi Sequences, 1990, CRYPTO.

[16] P. Erdös, et al. On a problem of Oppenheim concerning “factorisatio numerorum”, 1983.

[17] Neal Koblitz, et al. A Family of Jacobians Suitable for Discrete Log Cryptosystems, 1988, CRYPTO.

[18] Martin E. Hellman, et al. An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.), 1978, IEEE Trans. Inf. Theory.

[19] Ueli Maurer, et al. Non-interactive Public-Key Cryptography, 1991, EUROCRYPT.

[20] J. Feigenbaum, et al. Distributed computing and cryptography: proceedings of a DIMACS workshop held at the Nassau Inn in Princeton, New Jersey, October 4-6, 1989, 1991.

[21] Whitfield Diffie, et al. New Directions in Cryptography, 1976, IEEE Trans. Inf. Theory.

[22] Arjen K. Lenstra, et al. The number field sieve, 1990, STOC '90.

[23] Endre Szemerédi, et al. On the Complexity of Matrix Group Problems I, 1984, FOCS.

[24] Bert den Boer. Diffie-Hellman is as Strong as Discrete Log for Certain Primes, 1988, CRYPTO.

[25] J. Michael Steele, et al. Lower Bounds for Algebraic Decision Trees, 1982, J. Algorithms.