Results 11 - 20 of 35
Quadratic orders for NESSIE - Overview and parameter sizes of three public key families
, 2000
Cited by 3 (2 self)
In the scope of the European project NESSIE there was issued a Call for Cryptographic Primitives [NESSIE] soliciting proposals for block ciphers, stream ciphers, hash functions, pseudorandom functions and public key primitives for digital signatures, encryption and identification. Since the security of all popular public key cryptosystems is based on unproven assumptions and therefore nobody can guarantee that schemes based on factoring or the computation of discrete logarithms in some group, like the multiplicative group of a finite field or the Jacobian of (hyper) elliptic curves over finite fields, will stay secure forever, it is especially important to provide a variety of different primitives and groups which may be utilized if a popular class of cryptosystems gets broken. In this work we propose three different public key families based on the discrete logarithm problem in quadratic orders to be considered for NESSIE. The two families based on (maximal) real...
Efficiency improvement for NTRU
 In Ammar Alkassar and Jörg Siekmann, editors, SICHERHEIT 2008
Cited by 1 (1 self)
Abstract: The NTRU encryption scheme is an interesting alternative to well-established encryption schemes such as RSA, ElGamal, and ECIES. The security of NTRU relies on the hardness of computing short lattice vectors and thus is a promising candidate for being quantum computer resistant. There has been extensive research on efficient implementation of the NTRU encryption scheme. In this paper, we present a new algorithm for enhancing the performance of NTRU. The proposed method is between 11 % and 23 % faster on average than the best previously known method. We also present a highly efficient implementation of NTRU within the Java Cryptography Architecture.
Ron was wrong, Whit is right
, 2012
Cited by 1 (0 self)
Abstract. We performed a sanity check of public keys collected on the web. Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that the vast majority of public keys work as intended. A more disconcerting finding is that two out of every one thousand RSA moduli that we collected offer no security. Our conclusion is that the validity of the assumption is questionable and that generating keys in the real world for “multiple-secrets” cryptosystems such as RSA is significantly riskier than for “single-secret” ones such as ElGamal or (EC)DSA which are based on Diffie-Hellman.
Using the Cloud to Determine Key Strengths
 Progress in Cryptology – INDOCRYPT 2012, Springer LNCS 7669
Cited by 1 (0 self)
Abstract. We develop a new methodology to assess cryptographic key strength using cloud computing, by calculating the true economic cost of (symmetric or private) key retrieval for the most common cryptographic primitives. Although the present paper gives both the current (2012) and last year's (2011) costs, more importantly it provides the tools and infrastructure to derive new data points at any time in the future, while allowing for improvements such as new algorithmic approaches. Over time the resulting data points will provide valuable insight in the selection of cryptographic key sizes.
About Generic Conversions from any Weakly Secure Encryption Scheme into a Chosen-Ciphertext Secure Scheme
 In Proceedings of the Fourth Conference on Algebraic Geometry, Number Theory, Coding Theory and Cryptography
, 2001
Cited by 1 (1 self)
Abstract. Since the appearance of public-key cryptography in the seminal Diffie-Hellman paper, many schemes have been proposed, but many have been broken. Indeed, for many people, the simple fact that a cryptographic algorithm withstands cryptanalytic attacks for several years is considered as a kind of validation. But some schemes took a long time before being widely studied, and maybe thereafter being broken. A much more convincing line of research has tried to provide “provable” security for cryptographic protocols, in a complexity theory sense: if one can break the cryptographic protocol, one can efficiently solve the underlying problem. Unfortunately, very few practical schemes can be proven in this so-called “standard model” because such a security level rarely meets with efficiency. A convenient way to achieve some kind of validation of efficient schemes has been to identify some concrete cryptographic objects with ideal random ones: hash functions are considered as behaving like random functions, in the so-called “random oracle model”, and groups are used as black-box groups, in which one has to ask for additions to get new elements, in the so-called “generic model”. In this paper we present some generic designs for asymmetric encryption with provable security in the random oracle model.
Computation of discrete logarithms in $\mathbb{F}_{2^{607}}$
 In Advances in Cryptology (AsiaCrypt 2001), Springer LNCS 2248
Cited by 1 (0 self)
Abstract. We describe in this article how we have been able to extend the record for computations of discrete logarithms in characteristic 2 from the previous record over $\mathbb{F}_{2^{503}}$ to a newer mark of $\mathbb{F}_{2^{607}}$, using Coppersmith’s algorithm. This has been made possible by several practical improvements to the algorithm. Although the computations have been carried out on fairly standard hardware, our opinion is that we are nearing the current limits of the manageable sizes for this algorithm, and that going substantially further will require deeper improvements to the method.
The Three-Large-Primes Variant of the Number Field Sieve
Cited by 1 (0 self)
The Number Field Sieve (NFS) is the asymptotically fastest known factoring algorithm for large integers. This method was proposed by John Pollard [20] in 1988. Since then several variants have been implemented with the objective of improving the siever which is the most time consuming part of this method (but fortunately, also the easiest to parallelise). Pollard's original method allowed one large prime. After that the two-large-primes variant led to substantial improvements [11]. In this paper we investigate whether the three-large-primes variant may lead to any further improvement. We present theoretical expectations and experimental results. We assume the reader to be familiar with the NFS.
Factorization of a 1061-bit number by the Special Number Field Sieve
, 2012
Cited by 1 (0 self)
I provide the details of the factorization of the Mersenne number $2^{1061} - 1$ by the Special Number Field Sieve. Although this factorization is easier than the completed factorization of RSA-768, it represents a new milestone for factorization using publicly available software.
Contemporary Cryptology Birkhäuser Verlag Basel • Boston • Berlin Authors:
"... Département d’Informatique ..."