Results 1 
5 of
5
A Secure PublicKey Signature System With Extremely Fast Verification
, 2000
"... . This paper presents a variant of the RabinWilliams publickey signature system. The new system oers the same security and signing speed but much faster verication. Generic attacks against this system are provably as dicult as factorization. 1. ..."
Abstract

Cited by 5 (2 self)
 Add to MetaCart
. This paper presents a variant of the RabinWilliams publickey signature system. The new system oers the same security and signing speed but much faster verication. Generic attacks against this system are provably as dicult as factorization. 1.
Security of Biased Sources for Cryptographic Keys
, 2001
"... Cryptographic schemes are based on keys which are highly involved in granting their security. It is in general assumed that the source producing these keys has uniformly distribution, that is, it produces keys from a given key space with equal probability. Consequently, deviations from uniform distr ..."
Abstract
 Add to MetaCart
Cryptographic schemes are based on keys which are highly involved in granting their security. It is in general assumed that the source producing these keys has uniformly distribution, that is, it produces keys from a given key space with equal probability. Consequently, deviations from uniform distribution of the key source may be regarded a priori as a potential security breach, even if no dedicated attack is known, which might take advantage of these deviations. We propose in this paper a model for biased key sources and show that it is possible to prove some results about tolerance of biases, which have the property of being inherent to the bias itself and not requiring assumptions about unknown attacks, using these biases. The model is based on comparing the average case complexities of generic attacks to some number theoretical problems, with respect to uniform and to biased distributions. We also show the connection to information entropy based analysis of biased ...
Close to Uniform Prime Number Generation With Fewer Random Bits
"... Abstract. In this paper we analyze a simple method for generating prime numbers with fewer random bits. Assuming the Extended Riemann Hypothesis, we can prove that our method generates primes according to a distribution that can be made arbitrarily close to uniform. This is unlike the PRIMEINC algor ..."
Abstract
 Add to MetaCart
Abstract. In this paper we analyze a simple method for generating prime numbers with fewer random bits. Assuming the Extended Riemann Hypothesis, we can prove that our method generates primes according to a distribution that can be made arbitrarily close to uniform. This is unlike the PRIMEINC algorithm studied by Brandt and Damg˚aard and its many variants implemented in numerous software packages, which reduce the number of random bits used at the price of a distribution easily distinguished from uniform. Our new method is also no more computationally expensive than the ones in current use, and opens up interesting options for prime number generation in constrained environments. Keywords: Publickey cryptography, prime number generation, RSA, efficient implementations, random bits. 1
Efficiently Detecting Embedded Subtori and Algebraic Torsion Points
, 2006
"... Suppose X is the complex zero set of a finite collection of polynomials in Z[x1,..., xn]. We show that deciding whether X contains a point all of whose coordinates are dth roots of unity can be done within NP NP (relative to the sparse encoding), under a plausible assumption on primes in arithmetic ..."
Abstract
 Add to MetaCart
Suppose X is the complex zero set of a finite collection of polynomials in Z[x1,..., xn]. We show that deciding whether X contains a point all of whose coordinates are dth roots of unity can be done within NP NP (relative to the sparse encoding), under a plausible assumption on primes in arithmetic progression. In particular, our hypothesis can still hold even under certain failures of the Generalized Riemann Hypothesis, such as the presence of SiegelLandau zeroes. Furthermore, our complexity upper bound holds unconditionally when n=1. Finally, letting T be any multiplicative translate of an algebraic subgroup of (C∗) n, we show that deciding X? ⊇T is coNPcomplete (relative to the sparse encoding), unconditionally. We thus obtain new nontrivial families of multivariate polynomial systems where deciding the existence of complex roots can be done unconditionally in the polynomial hierarchy — a family of complexity classes lying between PSPACE and P, intimately connected with the P? =NP Problem. We also discuss how our results can be viewed as an algorithmic analogue of Laurent’s solution of Chabauty’s Conjecture from arithmetic geometry. 1
Interpolating Between Quantum and Classical Complexity Classes
, 2008
"... We reveal a natural algebraic problem whose complexity appears to interpolate between the wellknown complexity classes BQP and NP: ⋆ Decide whether a univariate polynomial with exactly m monomial terms has a padic rational root. In particular, we show that while (⋆) is doable in quantum randomized ..."
Abstract
 Add to MetaCart
We reveal a natural algebraic problem whose complexity appears to interpolate between the wellknown complexity classes BQP and NP: ⋆ Decide whether a univariate polynomial with exactly m monomial terms has a padic rational root. In particular, we show that while (⋆) is doable in quantum randomized polynomial time when m = 2 (and no classical randomized polynomial time algorithm is known), (⋆) is nearly NPhard for general m: Under a plausible hypothesis involving primes in arithmetic progression (implied by the Generalized Riemann Hypothesis for certain cyclotomic fields), a randomized polynomial time algorithm for (⋆) would imply the widely disbelieved inclusion NP⊆BPP. This type of quantum/classical interpolation phenomenon appears to new. 1 Introduction and Main Results Thanks to quantum computation, we now have exponential speedups for important practical problems such as Integer Factoring and Discrete Logarithm [Sho97]. However, a fundamental