On the Bits of Elliptic Curve Diffie-Hellman Keys

  • Conference paper
Progress in Cryptology – INDOCRYPT 2007 (INDOCRYPT 2007)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 4859)

Abstract

We study the security of elliptic curve Diffie-Hellman secret keys in the presence of oracles that provide partial information on the value of the key. Unlike the corresponding problem for finite fields, little is known about this problem, and in the case of elliptic curves the difficulty of representing large point multiplications in an algebraic manner leads to new obstacles that are not present in the case of finite fields. To circumvent this obstruction, we introduce a small multiplier version of the hidden number problem, and we use its properties to analyze the security of certain Diffie-Hellman bits. We suggest new character sum conjectures that guarantee the uniqueness of solutions to the hidden number problem, and provide some evidence in support of the conjectures by showing that they hold on average in certain cases. We also present a Gröbner basis algorithm for solving the hidden number problem and recovering the Diffie-Hellman secret key when the elliptic curve is defined over a constant degree extension field and the oracle is a coordinate function in the polynomial basis.

Editor information

K. Srinathan, C. Pandu Rangan, Moti Yung

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jao, D., Jetchev, D., Venkatesan, R. (2007). On the Bits of Elliptic Curve Diffie-Hellman Keys. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_4

  • DOI: https://doi.org/10.1007/978-3-540-77026-8_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77025-1

  • Online ISBN: 978-3-540-77026-8

  • eBook Packages: Computer Science, Computer Science (R0)
