Abstract

The black-box field (BBF) extraction problem is, for a given field�, to determine a secret field element hidden in a black-box which allows to add and multiply values in�in the box and which reports only equalities of elements in the box. This problem is of cryptographic interest for two reasons. First, for ���Ôit corresponds to the generic reduction of the discrete logarithm problem to the computational Diffie-Hellman problem in a group of prime orderÔ. Second, an efficient solution to the BBF problem proves the inexistence of certain field-homomorphic encryption schemes whose realization is an interesting open problems in algebra-based cryptography. BBFs are also of independent interest in computational algebra. In the previous literature, BBFs had only been considered for the prime field case. In this paper we consider a generalization of the extraction problem to BBFs that are extension fields. More precisely we discuss the representation problem defined as follows: For given generators��������algebraically generating a BBF and an additional elementÜ, all hidden in a black-box, expressÜalgebraically in terms of ��������. We give an efficient algorithm for this representation problem and related problems for fields with small characteristic (e.g.���Òfor someÒ). We also consider extension fields of large characteristic and show how to reduce the representation problem to the extraction problem for the underlying prime field. These results imply the inexistence of field-homomorphic (as opposed to only group-homomorphic, like RSA) one-way permutations for fields of small characteristic.

Citations