Breaking generalized Diffie-Hellman modulo a composite is no easier than factoring

被引：29

作者：

Biham, E

Boneh, D

Reingold, O ^{[1
]}

机构：

[1] Weizmann Inst Sci, Dept Comp Sci & Appl Math, IL-76100 Rehovot, Israel

[2] Stanford Univ, Dept Comp Sci, Stanford, CA 94305 USA

[3] Technion Israel Inst Technol, Dept Comp Sci, IL-32000 Haifa, Israel

来源：

INFORMATION PROCESSING LETTERS | 1999年 / 70卷 / 02期

基金：

以色列科学基金会;

关键词：

cryptography; Diffie-Hellman assumption; factoring; key-exchange; pseudo-random function;

D O I：

10.1016/S0020-0190(99)00047-2

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2 parties. This gives rise to the generalized Diffie-Hellman assumption (GDH-Assumption). Naor and Reingold have recently shown an efficient construction of pseudo- random functions and proved its security based on the GDH-Assumption. In this note, we prove that breaking this assumption module a so called Blum-integer would imply an efficient algorithm for factorization. Therefore, both the key-exchange protocol and the pseudo-random functions are secure as long as factoring Blum-integers is hard. Our reduction strengthen a previous "worst-case" reduction of Shmuely (1985). (C) 1999 Elsevier Science B.V. All rights reserved.

引用

页码：83 / 87

页数：5

共 8 条

[1]

BONEH D, 1996, LECT NOTES COMPUTER, V1109, P129, DOI DOI 10.1007/3-540-68697-5

[2] NEW DIRECTIONS IN CRYPTOGRAPHY [J].

DIFFIE, W ;

HELLMAN, ME .

IEEE TRANSACTIONS ON INFORMATION THEORY, 1976, 22 (06) :644-654

[3]

McCurley K. S., 1988, Journal of Cryptology, V1, P95, DOI 10.1007/BF02351718

[4]

NAOR M, 1997, P 38 IEEE S FDN COMP

[5]

Rabin M. O., 1979, TR212 MIT LAB COMP S

[6]

SHMUELY Z, 1985, 356 COMP SCI DEP TEC

[7]

Shoup Victor, 1997, EUROCRYPT 1997, V1233, P256, DOI DOI 10.1007/3-540-69053-018

[8]

STEINER M, 1996, P 3 ACM C COMP COMM, P31

← 1 →