Quadratic Residuosity Problem
The quadratic residuosity problem (QRP) in computational number theory is to decide, given integers a and N, whether a is a quadratic residue modulo N or not. Here N = p_1 p_2 for two unknown primes p_1 and p_2, and a is among the numbers which are not obviously quadratic non-residues (see below). The problem was first described by Gauss in his ''Disquisitiones Arithmeticae'' in 1801. This problem is believed to be computationally difficult. Several cryptographic methods rely on its hardness, see . An efficient algorithm for the quadratic residuosity problem immediately implies efficient algorithms for other number theoretic problems, such as deciding whether a composite N of unknown factorization is the product of 2 or 3 primes. Precise formulation Given integers a and T, a is said to be a ''quadratic residue modulo T'' if there exists an integer b such that :a \equiv b^2 \pmod T. Otherwise we say it is a quadratic non-residue. When T = p is a prime, it is customary to us ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Computational Number Theory
In mathematics and computer science, computational number theory, also known as algorithmic number theory, is the study of computational methods for investigating and solving problems in number theory and arithmetic geometry, including algorithms for primality testing and integer factorization, finding solutions to diophantine equations, and explicit methods in arithmetic geometry. Computational number theory has applications to cryptography, including RSA, elliptic curve cryptography and post-quantum cryptography, and is used to investigate conjectures and open problems in number theory, including the Riemann hypothesis, the Birch and Swinnerton-Dyer conjecture, the ABC conjecture, the modularity conjecture, the Sato-Tate conjecture, and explicit aspects of the Langlands program. Software packages * Magma computer algebra system * SageMath * Number Theory Library * PARI/GP * Fast Library for Number Theory Further reading * * * * * * * * * * * References ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Blum Blum Shub
Blum Blum Shub (B.B.S.) is a pseudorandom number generator proposed in 1986 by Lenore Blum, Manuel Blum and Michael Shub that is derived from Michael O. Rabin's one-way function. __TOC__ Blum Blum Shub takes the form :x_ = x_n^2 \bmod M, where ''M'' = ''pq'' is the product of two large primes ''p'' and ''q''. At each step of the algorithm, some output is derived from ''x''''n''+1; the output is commonly either the bit parity of ''x''''n''+1 or one or more of the least significant bits of ''x''''n''+1''. The seed ''x''0 should be an integer that is co-prime to ''M'' (i.e. ''p'' and ''q'' are not factors of ''x''0) and not 1 or 0. The two primes, ''p'' and ''q'', should both be congruent to 3 (mod 4) (this guarantees that each quadratic residue has one square root which is also a quadratic residue), and should be safe primes with a small gcd((''p-3'')''/2'', (''q-3'')''/2'') (this makes the cycle length large). An interesting characteristic of the Blum Blum Shub generator is th ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Computational Number Theory
In mathematics and computer science, computational number theory, also known as algorithmic number theory, is the study of computational methods for investigating and solving problems in number theory and arithmetic geometry, including algorithms for primality testing and integer factorization, finding solutions to diophantine equations, and explicit methods in arithmetic geometry. Computational number theory has applications to cryptography, including RSA, elliptic curve cryptography and post-quantum cryptography, and is used to investigate conjectures and open problems in number theory, including the Riemann hypothesis, the Birch and Swinnerton-Dyer conjecture, the ABC conjecture, the modularity conjecture, the Sato-Tate conjecture, and explicit aspects of the Langlands program. Software packages * Magma computer algebra system * SageMath * Number Theory Library * PARI/GP * Fast Library for Number Theory Further reading * * * * * * * * * * * References ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Higher Residuosity Problem
In cryptography, most public key cryptosystems are founded on problems that are believed to be intractable. The higher residuosity problem (also called the n th-residuosity problem) is one such problem. This problem is ''easier'' to solve than integer factorization, so the assumption that this problem is hard to solve is ''stronger'' than the assumption that integer factorization is hard. Mathematical background If ''n'' is an integer, then the integers modulo ''n'' form a ring. If ''n''=''pq'' where ''p'' and ''q'' are primes, then the Chinese remainder theorem tells us that :\mathbb/n\mathbb \simeq \mathbb/p\mathbb \times \mathbb/q\mathbb The group of units of any ring form a group, and the group of units in \mathbb/n\mathbb is traditionally denoted (\mathbb/n\mathbb) ^*. From the isomorphism above, we have :(\mathbb/n\mathbb)^* \simeq (\mathbb/p\mathbb)^* \times (\mathbb/q\mathbb)^* as an isomorphism of ''groups''. Since ''p'' and ''q'' were assumed to be prime, th ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Cocks IBE Scheme
Cocks IBE scheme is an identity based encryption system proposed by Clifford Cocks in 2001.Clifford CocksAn Identity Based Encryption Scheme Based on Quadratic Residues, ''Proceedings of the 8th IMA International Conference on Cryptography and Coding'', 2001 The security of the scheme is based on the hardness of the quadratic residuosity problem. Protocol Setup The PKG chooses: # a public RSA-modulus \textstyle n = pq, where \textstyle p,q,\,p \equiv q \equiv 3 \bmod 4 are prime and kept secret, # the message and the cipher space \textstyle \mathcal = \left\, \mathcal = \mathbb_n and # a secure public hash function \textstyle f: \left\^* \rightarrow \mathbb_n. Extract When user \textstyle ID wants to obtain his private key, he contacts the PKG through a secure channel. The PKG # derives \textstyle a with \textstyle \left(\frac\right) = 1 by a deterministic process from \textstyle ID (e.g. multiple application of \textstyle f), # computes \textstyle r = a^ \pmod n (which fulfils ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Identity Based Encryption
ID-based encryption, or identity-based encryption (IBE), is an important primitive of ID-based cryptography. As such it is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user (e.g. a user's email address). This means that a sender who has access to the public parameters of the system can encrypt a message using e.g. the text-value of the receiver's name or email address as a key. The receiver obtains its decryption key from a central authority, which needs to be trusted as it generates secret keys for every user. ID-based encryption was proposed by Adi Shamir in 1984. He was however only able to give an instantiation of identity-based signatures. Identity-based encryption remained an open problem for many years. The pairing-based Boneh–Franklin scheme and Cocks's encryption scheme based on quadratic residues both solved the IBE problem in 2001. Usage Identity-based systems allow any party to generate a pu ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Goldwasser–Micali Cryptosystem
The Goldwasser–Micali (GM) cryptosystem is an asymmetric key encryption algorithm developed by Shafi Goldwasser and Silvio Micali in 1982. GM has the distinction of being the first probabilistic public-key encryption scheme which is provably secure under standard cryptographic assumptions. However, it is not an efficient cryptosystem, as ciphertexts may be several hundred times larger than the initial plaintext. To prove the security properties of the cryptosystem, Goldwasser and Micali proposed the widely used definition of semantic security. Basis The GM cryptosystem is semantically secure based on the assumed intractability of the quadratic residuosity problem modulo a composite ''N'' = ''pq'' where ''p, q'' are large primes. This assumption states that given (''x'', ''N'') it is difficult to determine whether ''x'' is a quadratic residue modulo ''N'' (i.e., ''x'' = ''y''2 mod ''N'' for some ''y''), when the Jacobi symbol for ''x'' is +1. The quadratic residue proble ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Public Key Encryption
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security. In a public-key encryption system, anyone with a public key can encrypt a message, yielding a ciphertext, but only those who know the corresponding private key can decrypt the ciphertext to obtain the original message. For example, a journalist can publish the public key of an encryption key pair on a web site so that sources can send secret messages to the news organization in ciphertext. Only the journalist who knows the corresponding private key can decrypt the ciphertexts to obtain the sources' messages—an eavesd ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Pseudorandom Number Generator
A pseudorandom number generator (PRNG), also known as a deterministic random bit generator (DRBG), is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers. The PRNG-generated sequence is not truly random, because it is completely determined by an initial value, called the PRNG's ''seed'' (which may include truly random values). Although sequences that are closer to truly random can be generated using hardware random number generators, ''pseudorandom number generators'' are important in practice for their speed in number generation and their reproducibility. PRNGs are central in applications such as simulations (e.g. for the Monte Carlo method), electronic games (e.g. for procedural generation), and cryptography. Cryptographic applications require the output not to be predictable from earlier outputs, and more elaborate algorithms, which do not inherit the linearity of simpler PRNGs, are needed. Good statist ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Jacobi Symbol
Jacobi symbol for various ''k'' (along top) and ''n'' (along left side). Only are shown, since due to rule (2) below any other ''k'' can be reduced modulo ''n''. Quadratic residues are highlighted in yellow — note that no entry with a Jacobi symbol of −1 is a quadratic residue, and if ''k'' is a quadratic residue modulo a coprime ''n'', then , but not all entries with a Jacobi symbol of 1 (see the and rows) are quadratic residues. Notice also that when either ''n'' or ''k'' is a square, all values are nonnegative. The Jacobi symbol is a generalization of the Legendre symbol. Introduced by Jacobi in 1837, it is of theoretical interest in modular arithmetic and other branches of number theory, but its main use is in computational number theory, especially primality testing and integer factorization; these in turn are important in cryptography. Definition For any integer ''a'' and any positive odd integer ''n'', the Jacobi symbol is defined as the product of the ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Quadratic Residue
In number theory, an integer ''q'' is called a quadratic residue modulo ''n'' if it is congruent to a perfect square modulo ''n''; i.e., if there exists an integer ''x'' such that: :x^2\equiv q \pmod. Otherwise, ''q'' is called a quadratic nonresidue modulo ''n''. Originally an abstract mathematical concept from the branch of number theory known as modular arithmetic, quadratic residues are now used in applications ranging from acoustical engineering to cryptography and the factoring of large numbers. History, conventions, and elementary facts Fermat, Euler, Lagrange, Legendre, and other number theorists of the 17th and 18th centuries established theorems and formed conjectures about quadratic residues, but the first systematic treatment is § IV of Gauss's ''Disquisitiones Arithmeticae'' (1801). Article 95 introduces the terminology "quadratic residue" and "quadratic nonresidue", and states that if the context makes it clear, the adjective "quadratic" may be dropped. For ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |
|
Euclidean Algorithm
In mathematics, the Euclidean algorithm,Some widely used textbooks, such as I. N. Herstein's ''Topics in Algebra'' and Serge Lang's ''Algebra'', use the term "Euclidean algorithm" to refer to Euclidean division or Euclid's algorithm, is an efficient method for computing the greatest common divisor (GCD) of two integers (numbers), the largest number that divides them both without a remainder. It is named after the ancient Greek mathematician Euclid, who first described it in Euclid's Elements, his ''Elements'' (c. 300 BC). It is an example of an ''algorithm'', a step-by-step procedure for performing a calculation according to well-defined rules, and is one of the oldest algorithms in common use. It can be used to reduce Fraction (mathematics), fractions to their Irreducible fraction, simplest form, and is a part of many other number-theoretic and cryptographic calculations. The Euclidean algorithm is based on the principle that the greatest common divisor of two numbers does not ... [...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]   |