Results 1 
8 of
8
Timelock puzzles and timedrelease crypto
, 1996
"... 1 Introduction Our motivation is the notion of "timedrelease crypto, " where the goal is to encrypt a message so that it can not be decrypted by anyone, not even the sender, until a predetermined amount of time has passed. The goal is to "send information into the future ..."
Abstract

Cited by 147 (1 self)
 Add to MetaCart
(Show Context)
1 Introduction Our motivation is the notion of &quot;timedrelease crypto, &quot; where the goal is to encrypt a message so that it can not be decrypted by anyone, not even the sender, until a predetermined amount of time has passed. The goal is to &quot;send information into the future. &quot; This problem was first discussed by Timothy May [6]. What are the applications of &quot;timedrelease crypto&quot;? Here are a few possibilities (some due to May):
New PublicKey Schemes Based on Elliptic Curves over the Ring Z_n
, 1991
"... Three new trapdoor oneway functions are proposed that are based on elliptic curves over the ring Z_n. The first class of functions is a naive construction, which can be used only in a digital signature scheme, and not in a publickey cryptosystem. The second, preferred class of function, does not s ..."
Abstract

Cited by 49 (0 self)
 Add to MetaCart
Three new trapdoor oneway functions are proposed that are based on elliptic curves over the ring Z_n. The first class of functions is a naive construction, which can be used only in a digital signature scheme, and not in a publickey cryptosystem. The second, preferred class of function, does not suffer from this problem and can be used for the same applications as the RSA trapdoor oneway function, including zeroknowledge identification protocols. The third class of functions has similar properties to the Rabin trapdoor oneway functions. Although the security of these proposed schemes is based on the difficulty of factoring n, like the RSA and Rabin schemes, these schemes seem to be more secure than those schemes from the viewpoint of attacks without factoring such as low multiplier attacks.
A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes
, 1986
"... some discrete logarithm schemes ..."
(Show Context)
Some Numbertheoretic Conjectures and Their Relation to the Generation of Cryptographic Primes
, 1992
"... . The purpose of this paper is to justify the claim that a method for generating primes presented at EUROCRYPT'89 generates primes with virtually uniform distribution. Using convincing heuristic arguments, the conditional probability distributions of the size of the largest prime factor p 1 (n) ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
(Show Context)
. The purpose of this paper is to justify the claim that a method for generating primes presented at EUROCRYPT'89 generates primes with virtually uniform distribution. Using convincing heuristic arguments, the conditional probability distributions of the size of the largest prime factor p 1 (n) of a number n on the order of N is derived, given that n satisfies one of the conditions 2n+1 is prime, 2an+1 is prime for a given a, or the d integers u 1 ; : : : ; u d , where u 1 = 2a 1 n + 1 and u t = 2a t u t\Gamma1 + 1 for 2 t d, are all primes for a given list of integers a 1 ; : : : ; a d . In particular, the conditional probabilities that n is itself a prime, or is of the form "k times a prime" for k = 2; 3; : : : ; is treated for the above conditions. It is shown that although for all k these probabilities strongly depend on the condition placed on n, the probability distribution of the relative size oe 1 (n) = log N p 1 (n) of the largest prime factor of n is virtually independent...
Cryptanalysis of Koyama Scheme
, 2006
"... In this paper we analyze the security of Koyama scheme based on the singular cubic curve for some well known attacks. We provide an efficient algorithm for linearly related plaintext attack and identify isomorphic attack on Koyama scheme. Some other attacks are also discussed in this paper. ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
In this paper we analyze the security of Koyama scheme based on the singular cubic curve for some well known attacks. We provide an efficient algorithm for linearly related plaintext attack and identify isomorphic attack on Koyama scheme. Some other attacks are also discussed in this paper.
The Number of the Modulo n Roots of the Polynomial
"... Abstract: RSA is one of the oldest and until now one of the most widely used public key cryptographic systems, which is based on the modular raising to power. In this article it is pointed out that most of the essential properties of the RSA can be read out from the number of the modulo n roots of ..."
Abstract
 Add to MetaCart
Abstract: RSA is one of the oldest and until now one of the most widely used public key cryptographic systems, which is based on the modular raising to power. In this article it is pointed out that most of the essential properties of the RSA can be read out from the number of the modulo n roots of the polynomial mentioned in the title of this article. The results explain almost all of the properties taken into account at the choice of the parameters of the RSA. By the help of the polynomial it is pointed out how the modulus and the exponent must be chosen so that the modular raising to power realizes a secure cryptosystem. The article investigates also the role of the choice of the parameters related to the success of the cycling attack. The article conveys a unified point of view for the examination of a lot of the number theoretic problems arising with respect to the RSA.
How to Choose Secret Parameters for RSAtype Cryptosystems over Elliptic Curves
, 1997
"... . Recently, and contrary to the common belief, Rivest and Silverman argued that the use of strong primes is unnecessary in the RSA cryptosystem. This paper analyzes how valid this assertion is for RSAtype cryptosystems over elliptic curves. The analysis is more difficult because the underlying grou ..."
Abstract
 Add to MetaCart
(Show Context)
. Recently, and contrary to the common belief, Rivest and Silverman argued that the use of strong primes is unnecessary in the RSA cryptosystem. This paper analyzes how valid this assertion is for RSAtype cryptosystems over elliptic curves. The analysis is more difficult because the underlying groups are not always cyclic. Previous papers suggested the use of strong primes in order to prevent factoring attacks and cycling attacks. In this paper, we only focus on cycling attacks because for both RSA and its elliptic curvebased analogues, the length of the RSAmodulus n is typically the same. Therefore, a factoring attack will succeed with equal probability against all RSAtype cryptosystems. We also prove that cycling attacks reduce to find fixed points, and derive a factorization algorithm which (most probably) completely breaks RSAtype systems over elliptic curves if a fixed point is found. Keywords: RSAtype cryptosystems, Cycling attacks, Elliptic curves, Strong primes. 1. Introd...
How to Choose Secret Parameters for RSA and its Extensions to Elliptic Curves
, 2001
"... Recently, and contrary to the common belief, Rivest and Silverman argued that the use of strong primes is unnecessary in the RSA cryptosystem. This paper analyzes how valid this assertion is for RSA and its extensions to elliptic curves. Over elliptic curves, the analysis is more di#cult because ..."
Abstract
 Add to MetaCart
Recently, and contrary to the common belief, Rivest and Silverman argued that the use of strong primes is unnecessary in the RSA cryptosystem. This paper analyzes how valid this assertion is for RSA and its extensions to elliptic curves. Over elliptic curves, the analysis is more di#cult because the underlying groups are not always cyclic.