Article. DOI: 10.5555/647096.716865

Security of Cryptosystems Based on Class Groups of Imaginary Quadratic Orders

Published: 03 December 2000

Abstract

In this work we investigate the difficulty of the discrete logarithm problem in class groups of imaginary quadratic orders. In particular, we discuss several strategies to compute discrete logarithms in those class groups. Based on heuristic reasoning, we give advice for selecting the cryptographic parameter, i.e. the discriminant, such that cryptosystems based on class groups of imaginary quadratic orders would offer a similar security as commonly used cryptosystems.

Published In

ASIACRYPT '00: Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
December 2000, 627 pages
ISBN: 3540414045

Publisher

Springer-Verlag, Berlin, Heidelberg

Cited By

  • (2012) Secure accumulators from euclidean rings without trusted setup. Proceedings of the 10th international conference on Applied Cryptography and Network Security, pp. 224-240. DOI: 10.1007/978-3-642-31284-7_14. Online publication date: 26-Jun-2012
  • (2010) Security estimates for quadratic field based cryptosystems. Proceedings of the 15th Australasian conference on Information security and privacy, pp. 233-247. DOI: 10.5555/1926211.1926229. Online publication date: 5-Jul-2010
  • (2006) Quantum algorithm for solving the discrete logarithm problem in the class group of an imaginary quadratic field and security comparison of current cryptosystems at the beginning of quantum computer age. Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security, pp. 481-493. DOI: 10.1007/11766155_34. Online publication date: 6-Jun-2006
  • (2003) Public-key cryptosystems based on class semigroups of imaginary quadratic non-maximal orders. Proceedings of the 8th Australasian conference on Information security and privacy, pp. 488-497. DOI: 10.5555/1760479.1760534. Online publication date: 9-Jul-2003
  • (2002) A Signature Scheme Based on the Intractability of Computing Roots. Designs, Codes and Cryptography 25:3, pp. 223-236. DOI: 10.1023/A:1014927327846. Online publication date: 1-Mar-2002
