Abstract. We study a class of problems called Modular Inverse Hidden Number Problems (MIHNPs). The basic problem in this class is the following: Given many pairs � � � � −1 xi, msbk (α + xi) mod p for random xi ∈ Zp the problem is to find α ∈ Zp (here msbk(x) refers to the k most significant bits of x). We describe an algorithm for this problem when k> (log 2 p)/3 and conjecture that the problem is hard whenever k < (log 2 p)/3. We show that assuming hardness of some variants of this MIHNP problem leads to very efficient algebraic PRNGs and MACs.

The Weil and Tate pairings are a popular new gadget in cryptography and have found many applications, including identity-based cryptography. In particular, the pairings have been used for key exchange protocols. This paper studies the bit security of keys obtained using protocols based on pairings (that is, we show that obtaining certain bits of the common key is as hard as computing the entire key). These results are valuable as they give insight into how many "hard-core" bits can be obtained from key exchange using pairings.

Abstract. We show that in certain natural computational models every bit of a message encrypted with the NtruEncrypt cryptosystem is as secure as the whole message. 1

We give a survey of recent results on the hidden number problem introduced by Boneh and Venkatesan in 1996 and its numerous generalizations.

We describe how a rather surprising, yet powerful combination of two famous number theoretic techniques: bounds of exponential sums and lattice reduction algorithms. This combination...