Black-Box Extension Fields and the Inexistence of Field-Homomorphic One-Way Permutations

The black-box field (BBF) extraction problem is, for a given field F, to determine a secret field element hidden in a black box that allows values in F to be added and multiplied inside the box and that reports only equalities between elements in the box. This problem is of cryptographic interest for two reasons. First, for F = F_p it corresponds to the generic reduction of the discrete logarithm problem to the computational Diffie-Hellman problem in a group of prime order p. Second, an efficient solution to the BBF extraction problem proves the inexistence of field-homomorphic one-way permutations, whose realization is an interesting open problem in algebra-based cryptography. BBFs are also of independent interest in computational algebra. In the previous literature BBFs had only been considered for the prime-field case. In this paper we consider a generalization of the extraction problem to BBFs that are extension fields. More precisely, we discuss the representation problem, defined as follows: for given generators g1, ..., gd algebraically generating a BBF and an additional element x, all hidden in a black box, express x algebraically in terms of g1, ..., gd. We give an efficient algorithm for this representation problem and related problems for fields of small characteristic (e.g. F = F_{2^n} for some n). We also consider extension fields of large characteristic and show how to reduce the representation problem to the extraction problem for the underlying prime field. These results imply the inexistence of field-homomorphic (as opposed to only group-homomorphic, like RSA) one-way permutations for fields of small characteristic.
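
The following is an added illustration of the black-box model and of the representation problem for characteristic 2 with a single generator (d = 1); it is not code from the paper and does not claim to be the paper's algorithm. The box holds elements of GF(2^n) privately and exposes only handles together with add, mul and eq; it is assumed to also hand out handles for the constants 0 and 1. The extractor never sees a field element. It recovers the minimal polynomial of a hidden element by computing its Frobenius conjugates h, h^2, h^4, ... inside the box, expanding the product of (T + c_i) there, and reading each coefficient off by comparing it with the constant handles (the coefficients are Frobenius-fixed, so they lie in F_2; this is where small characteristic is used). With m_g and m_x known explicitly, the roots of m_x in F_2[T]/(m_g) are candidates for x as a polynomial in g, and the box's equality test picks the right one. The root search over the explicit field is exhaustive here for brevity and would be replaced by a polynomial-time root finder in a serious implementation. The modulus 0x11B and the secrets g = 0x03, x = 0x57 are constructed sample inputs.

```python
"""Toy black-box field of characteristic 2 and a solver for the
representation problem: given handles for a generator g and a target x,
output r in F_2[T] with r(g) = x, using only add/mul/eq on handles."""


def pmul(a, b):
    """Carry-less product of two bitmask polynomials over F_2."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r


def pmod(a, m):
    """Reduce bitmask polynomial a modulo m in F_2[T]."""
    dm = m.bit_length() - 1
    while a and a.bit_length() - 1 >= dm:
        a ^= m << (a.bit_length() - 1 - dm)
    return a


def peval(poly, r, m):
    """Evaluate poly in F_2[T] at the element r of F_2[T]/(m) (Horner)."""
    acc = 0
    for i in range(poly.bit_length() - 1, -1, -1):
        acc = pmod(pmul(acc, r), m)
        if (poly >> i) & 1:
            acc ^= 1
    return acc


class BlackBoxField:
    """GF(2^n) oracle. Handles 0 and 1 are the constants 0 and 1 (assumed
    available); the values behind all other handles are never revealed."""
    ZERO, ONE = 0, 1

    def __init__(self, modulus, secrets):
        self._m = modulus                  # irreducible, private to the box
        self._v = [0, 1] + list(secrets)   # secrets get handles 2, 3, ...
        self.queries = 0

    def _new(self, value):
        self._v.append(value)
        return len(self._v) - 1

    def add(self, i, j):
        self.queries += 1
        return self._new(self._v[i] ^ self._v[j])

    def mul(self, i, j):
        self.queries += 1
        return self._new(pmod(pmul(self._v[i], self._v[j]), self._m))

    def eq(self, i, j):
        self.queries += 1
        return self._v[i] == self._v[j]


def box_minpoly(box, h):
    """Minimal polynomial over F_2 of the hidden element h, as a bitmask.
    Conjugates h, h^2, h^4, ... are collected until they wrap around; the
    product of (T + c_i) is expanded inside the box; every coefficient is
    Frobenius-fixed, hence 0 or 1, and is read out via eq against the
    constant handles."""
    conj = [h]
    c = box.mul(h, h)
    while not box.eq(c, h):
        conj.append(c)
        c = box.mul(c, c)
    coeffs = [box.ONE]                     # the polynomial 1, low degree first
    for c in conj:                         # multiply current product by (T + c)
        nxt = [box.mul(c, coeffs[0])]
        for i in range(1, len(coeffs)):
            nxt.append(box.add(coeffs[i - 1], box.mul(c, coeffs[i])))
        nxt.append(coeffs[-1])             # leading coefficient stays 1
        coeffs = nxt
    poly = 0
    for i, hi in enumerate(coeffs):
        if box.eq(hi, box.ONE):
            poly |= 1 << i
        elif not box.eq(hi, box.ZERO):
            raise ValueError("coefficient outside F_2: not a char-2 field")
    return poly


def box_horner(box, poly, g):
    """Handle for poly(g), computed entirely inside the box."""
    acc = box.ZERO
    for i in range(poly.bit_length() - 1, -1, -1):
        acc = box.mul(acc, g)
        if (poly >> i) & 1:
            acc = box.add(acc, box.ONE)
    return acc


def represent(box, g, x):
    """Return (m_g, r): the box field generated by g is F_2[T]/(m_g) with
    T = g, and r(g) = x. Roots of m_x over the explicit field are found by
    exhaustive search here (2^n trials); the box's eq picks the conjugate
    that actually equals x."""
    m_g = box_minpoly(box, g)
    m_x = box_minpoly(box, x)
    n = m_g.bit_length() - 1
    for r in range(1 << n):
        if peval(m_x, r, m_g) == 0 and box.eq(box_horner(box, r, g), x):
            return m_g, r
    raise ValueError("x does not lie in the field generated by g")


if __name__ == "__main__":
    # Constructed instance: the box privately uses the AES polynomial 0x11B;
    # g = T + 1 (0x03) generates GF(2^8), x = 0x57 is the hidden target.
    box = BlackBoxField(0x11B, [0x03, 0x57])
    m_g, r = represent(box, 2, 3)
    print("m_g =", hex(m_g), " x = r(g) with r =", hex(r), " queries:", box.queries)
```

Running the demo, the extractor learns m_g = T^8 + T^4 + T^3 + T^2 + 1 (the minimal polynomial of T + 1 in the AES field) without ever being told the box's modulus, and the returned r satisfies r(g) = x when checked against the true field. The same structure carries over to F_{p^n} for small odd p by replacing squaring with p-th powering and comparing coefficients against the p constants 0, 1, 1+1, ...; for large p this read-out step is exactly what becomes a prime-field extraction problem.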
