Results 1 - 10 of 30
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
SIAM J. on Computing, 1997
Cited by 1277 (4 self)
A digital computer is generally believed to be an efficient universal computing device; that is, it is believed able to simulate any physical computing device with an increase in computation time by at most a polynomial factor. This may not be true when quantum mechanics is taken into consideration. This paper considers factoring integers and finding discrete logarithms, two problems which are generally thought to be hard on a classical computer and which have been used as the basis of several proposed cryptosystems. Efficient randomized algorithms are given for these two problems on a hypothetical quantum computer. These algorithms take a number of steps polynomial in the input size, e.g., the number of digits of the integer to be factored.
The NP-completeness column: an ongoing guide
JOURNAL OF ALGORITHMS, 1987
Cited by 239 (0 self)
This is the nineteenth edition of a (usually) quarterly column that covers new developments in the theory of NP-completeness. The presentation is modeled on that used by M. R. Garey and myself in our book "Computers and Intractability: A Guide to the Theory of NP-Completeness," W. H. Freeman & Co., New York, 1979 (hereinafter referred to as "[G&J]"; previous columns will be referred to by their dates). A background equivalent to that provided by [G&J] is assumed, and, when appropriate, cross-references will be given to that book and the list of problems (NP-complete and harder) presented there. Readers who have results they would like mentioned (NP-hardness, PSPACE-hardness, polynomial-time-solvability, etc.) or open problems they would like publicized, should
A new public-key cryptosystem as secure as factoring
In Eurocrypt '98, LNCS 1403, 1998
Cited by 208 (7 self)
Abstract. This paper proposes a novel public-key cryptosystem, which is practical, provably secure and has some other interesting properties as follows: 1. Its trapdoor technique is essentially different from any other previous schemes including RSA-Rabin and Diffie-Hellman. 2. It is a probabilistic encryption scheme. 3. It can be proven to be as secure as the intractability of factoring n = p^2 q (in the sense of the security of the whole plaintext) against passive adversaries. 4. It is semantically secure under the p-subgroup assumption, which is comparable to the quadratic residue and higher degree residue assumptions. 5. Under the most practical environment, the encryption and decryption speeds of our scheme are comparable to (around twice slower than) those of elliptic curve cryptosystems. 6. It has a homomorphic property: E(m 0
Equitable key escrow with limited time span (or, How to enforce time expiration cryptographically)
ADVANCES IN CRYPTOLOGY, ASIACRYPT 98, LNCS 1514, 1998
Cited by 20 (6 self)
With equitable key escrow the control of society over the individual and the control of the individual over society are shared fairly. In particular, the control is limited to specified time periods. We consider two applications: time controlled key escrow and time controlled auctions with closed bids. In the first the individual cannot be targeted outside the period authorized by the court. In the second the individual cannot withhold his closed bid beyond the bidding period. We propose two protocols, one for each application. We do not require the use of tamper-proof devices.
Mutual authentication and key exchange protocols for roaming services in wireless mobile networks
IEEE Transactions on Wireless Communications, 2006
Cited by 19 (6 self)
Abstract — Two novel mutual authentication and key exchange protocols with anonymity are proposed for different roaming scenarios in the global mobility network. The new features in the proposed protocols include identity anonymity and one-time session key renewal. Identity anonymity protects mobile users' privacy in the roaming network environment. One-time session key progression frequently renews the session key for mobile users and reduces the risk of using a compromised session key to communicate with visited networks. It is demonstrated that the computation complexity of the proposed protocols is similar to the existing ones, while the security has been significantly improved. Index Terms — Authentication, key exchange, roaming service, anonymity, secret-splitting, self-certified.
Efficiency and Security of Cryptosystems Based on Number Theory
1996
Cited by 13 (0 self)
A New Public-Key Cryptosystem over Quadratic Orders with Quadratic Decryption Time
2000
Cited by 7 (2 self)
We present a new cryptosystem based on ideal arithmetic in quadratic orders. The method of our trapdoor is different from the Diffie-Hellman key distribution scheme or the RSA cryptosystem. The plaintext m is encrypted by mp^r, where p is a fixed element and r is a random integer, so our proposed cryptosystem is a probabilistic encryption scheme and has the homomorphy property. The most prominent property of our cryptosystem is the cost of the decryption, which is of quadratic bit complexity in the length of the public key. Our implementation shows that it is comparably as fast as the encryption time of the RSA cryptosystem with e = 2^16 + 1. The security of our cryptosystem is closely related to factoring the discriminant of a quadratic order. When we choose appropriate sizes of the parameters, the currently known fast algorithms, for example, the elliptic curve method, the number field sieve, the Hafner-McCurley algorithm, are not applicable. We also discuss that the chosen cip...
Efficient zero-knowledge identification schemes for smart cards
The Computer Journal, 1992
Cited by 6 (1 self)
Secure identification is an important security issue to avoid computer fraud due to masquerading. This can be achieved with zero-knowledge based smart cards. We present very efficient new zero-knowledge schemes in a general algebraic setting. Particular cases of our scheme improve the performance of the Guillou-Quisquater and the Chaum-Evertse-van de Graaf schemes. Our scheme is formally proven and, overall, is more efficient than currently available schemes including the Fiat-Shamir scheme. As an application we discuss how our scheme can be used for identification, in particular as an electronic passport scheme.
Approximate constructions in finite fields
Proc. 3rd Conf. on Finite Fields and Appl, 1995