Abstract
We study the security of elliptic curve Diffie-Hellman secret keys in the presence of oracles that provide partial information on the value of the key. Unlike the corresponding problem for finite fields, little is known about this problem, and in the case of elliptic curves the difficulty of representing large point multiplications in an algebraic manner leads to new obstacles that are not present in the case of finite fields. To circumvent this obstruction, we introduce a small multiplier version of the hidden number problem, and we use its properties to analyze the security of certain Diffie-Hellman bits. We suggest new character sum conjectures that guarantee the uniqueness of solutions to the hidden number problem, and provide some evidence in support of the conjectures by showing that they hold on average in certain cases. We also present a Gröbner basis algorithm for solving the hidden number problem and recovering the Diffie-Hellman secret key when the elliptic curve is defined over a constant degree extension field and the oracle is a coordinate function in the polynomial basis.
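The hidden number problem the abstract builds on has a concrete finite-field form due to Boneh and Venkatesan: a secret α in F_p is hidden, and an oracle returns the k most significant bits of α·t mod p for multipliers t of the solver's choosing. The toy script below is an added illustration and is not code from this paper; it does not implement the paper's small-multiplier variant, the elliptic-curve setting, or the Gröbner basis algorithm. It enumerates every α consistent with a set of oracle samples, which is only feasible for a toy modulus, to show how the number of samples and the number of revealed bits drive the uniqueness of the solution that the abstract's character sum conjectures are about. The function names, the toy prime 1019, the secret 123 and the seeds are all constructed for this example.

```python
"""Toy hidden number problem (HNP) instance with a most-significant-bits oracle.

Constructed illustration: a hidden alpha in F_p and an oracle that, for a
chosen multiplier t, reveals the k top bits of alpha * t mod p. For a toy p
the set of alphas consistent with the samples can be enumerated directly.
Real-size instances are solved with lattice reduction, not enumeration.
"""
import random


def msb_k(x: int, p: int, k: int) -> int:
    """Top k bits of x, viewed as a p.bit_length()-bit integer, for x in [0, p)."""
    n = p.bit_length()
    return x >> (n - k)


def hnp_oracle(alpha: int, p: int, k: int):
    """Build the partial-information oracle t -> MSB_k(alpha * t mod p)."""
    def oracle(t: int) -> int:
        return msb_k(alpha * t % p, p, k)
    return oracle


def collect_samples(oracle, p: int, m: int, seed: int):
    """Query the oracle on m pseudo-random non-zero multipliers t in F_p^*."""
    rng = random.Random(seed)  # seeded so the toy run is reproducible
    return [(t, oracle(t)) for t in (rng.randrange(1, p) for _ in range(m))]


def consistent_candidates(samples, p: int, k: int):
    """Every alpha in F_p^* that agrees with all samples (toy p only: O(p * m))."""
    return [a for a in range(1, p)
            if all(msb_k(a * t % p, p, k) == v for t, v in samples)]


def samples_until_unique(alpha: int, p: int, k: int, seed: int, max_m: int = 200):
    """Add one oracle query at a time; return (m, candidates) at the first m
    for which exactly one alpha survives (or at max_m if none is reached)."""
    oracle = hnp_oracle(alpha, p, k)
    rng = random.Random(seed)
    samples = []
    cands = []
    for m in range(1, max_m + 1):
        t = rng.randrange(1, p)
        samples.append((t, oracle(t)))
        cands = consistent_candidates(samples, p, k)
        if len(cands) == 1:
            return m, cands
    return max_m, cands


if __name__ == "__main__":
    p, alpha = 1019, 123  # constructed toy parameters
    for k in (1, 3):
        m, cands = samples_until_unique(alpha, p, k, seed=1)
        print(f"k={k}: unique after {m} samples, candidates={cands}")
```

For a fixed wrong candidate α' the value (α' − α)·t mod p is uniformly distributed over random t, so each sample eliminates it with probability roughly 1 − 2^(−k); the enumeration makes that rate visible by printing how many queries were needed for k = 1 versus k = 3. The same monotone shrinking of the candidate set is what a lattice-based solver exploits at real sizes without ever enumerating F_p.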
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jao, D., Jetchev, D., Venkatesan, R. (2007). On the Bits of Elliptic Curve Diffie-Hellman Keys. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_4
DOI: https://doi.org/10.1007/978-3-540-77026-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77025-1
Online ISBN: 978-3-540-77026-8