Results 1 - 10 of 13
A tale of two sieves
Notices Amer. Math. Soc., 1996
Cited by 39 (2 self)
It is the best of times for the game of factoring large numbers into their prime factors. In 1970 it was barely possible to factor “hard” 20-digit numbers. In 1980, in the heyday of the Brillhart-Morrison continued fraction factoring algorithm, factoring of 50-digit numbers was becoming commonplace. In 1990 my own quadratic sieve factoring algorithm had doubled the length of the numbers that could be factored, the record having 116 digits. By 1994 the quadratic sieve had factored the famous 129-digit RSA challenge number that had been estimated in Martin Gardner’s 1976 Scientific American column to be safe for 40 quadrillion years (though other estimates around then were more modest). But the quadratic sieve is no longer the champion. It was replaced by Pollard’s number field sieve in the spring of 1996, when that method successfully split a 130-digit RSA challenge number in about 15% of the time the quadratic sieve would have taken. In this article we shall briefly meet these factorization algorithms—these two sieves—and some of the many people who helped to develop them. In the middle part of this century, computational issues seemed to be out of fashion. In most books the problem of factoring big numbers
Unconditional Sender and Recipient Untraceability in spite of Active Attacks
1989
Cited by 37 (1 self)
A protocol is described which allows to send and receive messages anonymously using an arbitrary communication network, and it is proved to be unconditionally secure. This improves a result by DAVID CHAUM: The DC-net guarantees the same, but on the assumption of a reliable broadcast network. Since unconditionally secure Byzantine Agreement cannot be achieved, such a reliable broadcast network cannot be realized by algorithmic means. The solution proposed here, the DC+-net, uses the DC-net, but replaces the reliable broadcast network by a fail-stop one. By choosing the keys necessary for the DC-net dependently on the previously broadcast messages, the fail-stop broadcast can be achieved unconditionally secure and without increasing the complexity of the DC-net significantly, using an arbitrary communication network. Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General - Security and protection, E.3 [Data Encryption], F.2.1 [Analysis of Algorithms...
Discrete Logarithms: the Effectiveness of the Index Calculus Method
1996
Cited by 24 (1 self)
In this article we survey recent developments concerning the discrete logarithm problem. Both theoretical and practical results are discussed. We emphasize the case of finite fields, and in particular, recent modifications of the index calculus method, including the number field sieve and the function field sieve. We also provide a sketch of some of the cryptographic schemes whose security depends on the intractability of the discrete logarithm problem. 1 Introduction Let G be a cyclic group generated by an element t. The discrete logarithm problem in G is to compute for any $b \in G$ the least nonnegative integer e such that $t^e = b$. In this case, we write $\log_t b = e$. Our purpose, in this paper, is to survey recent work on the discrete logarithm problem. Our approach is twofold. On the one hand, we consider the problem from a purely theoretical perspective. Indeed, the algorithms that have been developed to solve it not only explore the fundamental nature of one of the basic s...
Recent progress and prospects for integer factorisation algorithms
In Proc. of COCOON 2000, 2000
Cited by 20 (1 self)
Abstract. The integer factorisation and discrete logarithm problems are of practical importance because of the widespread use of public key cryptosystems whose security depends on the presumed difficulty of solving these problems. This paper considers primarily the integer factorisation problem. In recent years the limits of the best integer factorisation algorithms have been extended greatly, due in part to Moore’s law and in part to algorithmic improvements. It is now routine to factor 100-decimal digit numbers, and feasible to factor numbers of 155 decimal digits (512 bits). We outline several integer factorisation algorithms, consider their suitability for implementation on parallel machines, and give examples of their current capabilities. In particular, we consider the problem of parallel solution of the large, sparse linear systems which arise with the MPQS and NFS methods. 1
Building Cyclic Elliptic Curves Modulo Large Primes
Advances in Cryptology - EUROCRYPT '91, Lecture Notes in Computer Science, 1987
Cited by 18 (2 self)
Elliptic curves play an important role in many areas of modern cryptology such as integer factorization and primality proving. Moreover, they can be used in cryptosystems based on discrete logarithms for building one-way permutations. For the latter purpose, it is required to have cyclic elliptic curves over finite fields. The aim of this note is to explain how to construct such curves over a finite field of large prime cardinality, using the ECPP primality proving test of Atkin and Morain. 1 Introduction Elliptic curves prove to be a powerful tool in modern cryptology. Following the original work of H. W. Lenstra, Jr. [18] concerning integer factorization, many researchers have used this new idea to work out primality proving algorithms [8, 14, 2, 4, 22] as well as cryptosystems [21, 16] generalizing those of [12, 1, 9]. Recent work on these topics can be found in [20, 19]. More recently, Kaliski [15] has used elliptic curves in the design of one-way permutations. For this, the autho...
Diffie-Hellman key exchange protocol and nonabelian nilpotent groups. Cryptology ePrint Archive, Report 2005/110
2005
Cited by 5 (3 self)
Abstract. In this paper we study a key exchange protocol similar to the Diffie-Hellman key exchange protocol, using abelian subgroups of the automorphism group of a nonabelian nilpotent group. We also generalize group no.92 of the Hall-Senior table [16] to an arbitrary prime p and show that, for those groups, the group of central automorphisms is commutative. We use these for the key exchange we are studying. MSC: 94A62, 20D15. Keyword: Diffie-Hellman key exchange, public-key cryptography, p-group,
Efficient Primitives from Exponentiation in Z_p
2006
Cited by 1 (0 self)
Since Diffie-Hellman [14], many secure systems, based on discrete logarithm or Diffie-Hellman assumption in Z_p, were introduced in the literature. In this work, we investigate the possibility to construct efficient primitives from exponentiation techniques over Z_p. Consequently, we propose a new pseudorandom generator, where its security is proven under the decisional Diffie-Hellman assumption. Our generator is the most efficient among all generators from Z*_p that are provably secure under standard assumptions. If an appropriate precomputation is allowed, our generator can produce O(log log p) bits per modular multiplication. This is the best possible result in...
Computational Methods in Public Key Cryptology
2002
Cited by 1 (1 self)
These notes informally review the most common methods from computational number theory that have applications in public key cryptology.
Some Statistics for NFS Factorizations
2002
3 Finite Fields In computational number theory and cryptographic applications, we often have to work over finite fields. A finite field F is a finite set with operations "+" and "×" which satisfy the usual associative, commutative and distributive laws:
Data Security - CM 0321
2001
etwork security. Mandatory reading for aspiring system managers. Antonia J. Jones: 18 December 2001 2 W. Stallings. Cryptography and Network Security: Principles and Practice. Prentice Hall. 1998. ISBN 0138690170. Fills in many aspects of the present course and goes on to discuss mail and internet security. C. P. Pfleeger. Security in Computing. Prentice Hall. 1997. ISBN 0131857940. Good general introduction. The classic 1,200 page definitive story of cryptography up to the late 1950's is: D. Kahn. The Codebreakers. Scribner, New York. 1996. A recent very interesting account including the history of RSA and PGP and a nontechnical discussion of quantum cryptography is: S. Singh. The Code Book. Fourth Estate, London. 1999. Fiction: Neal Stephenson. Cryptonomicon. William Heinemann, London. 1999. CONTENTS I G