Abstract
We introduce a new cryptosystem with trapdoor decryption based on the difficulty of computing discrete logarithms in the class group of the nonmaximal imaginary quadratic order $\mathcal{O}_{\Delta_q}$, where $\Delta_q = \Delta q^2$, $\Delta$ square-free and $q$ prime. The trapdoor information is the conductor $q$. Knowledge of this trapdoor information enables one to switch to and from the class group of the maximal order $\mathcal{O}_{\Delta}$, where the representatives of the ideal classes have smaller coefficients. Thus, the decryption procedure may be performed in the class group of $\mathcal{O}_{\Delta}$ rather than in the class group of the public $\mathcal{O}_{\Delta_q}$, which is much more efficient. We show that inverting our proposed cryptosystem is computationally equivalent to factoring the non-fundamental discriminant $\Delta_q$, which is intractable for a suitable choice of $\Delta$ and $q$. We also describe how signature schemes in $\mathcal{O}_{\Delta_q}$ may be set up using this trapdoor information. Furthermore, we illustrate how one may embed key escrow capability into classical imaginary quadratic field cryptosystems.
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Hühnlein, D., Jacobson, M.J., Paulus, S., Takagi, T. (1998). A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption. In: Nyberg, K. (eds) Advances in Cryptology — EUROCRYPT'98. EUROCRYPT 1998. Lecture Notes in Computer Science, vol 1403. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054134
DOI: https://doi.org/10.1007/BFb0054134
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64518-4
Online ISBN: 978-3-540-69795-4
eBook Packages: Springer Book Archive