New results on modular inversion hidden number problem and inversive congruential generator
The Modular Inversion Hidden Number Problem (MIHNP), introduced by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001, is briefly described as follows: Let MSB ( ) refer to the δ most significant bits of z. Given many samples( ,MSB (( + )−1mod ))(ti,MSBδ((α+ti)−1modp)) for random ∈ℤ , the goal is...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2020
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/138108 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-138108 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1381082020-09-26T22:04:09Z New results on modular inversion hidden number problem and inversive congruential generator Xu, Jun Sarkar, Santanu Hu, Lei Wang, Huaxiong Pan, Yanbin School of Physical and Mathematical Sciences 39th Annual International Cryptology Conference (CRYPTO 2019) Science::Mathematics Modular Inversion Hidden Number Problem Inversive Congruential Generator The Modular Inversion Hidden Number Problem (MIHNP), introduced by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001, is briefly described as follows: Let MSB ( ) refer to the δ most significant bits of z. Given many samples( ,MSB (( + )−1mod ))(ti,MSBδ((α+ti)−1modp)) for random ∈ℤ , the goal is to recover the hidden number ∈ℤ . MIHNP is an important class of Hidden Number Problem. In this paper, we revisit the Coppersmith technique for solving a class of modular polynomial equations, which is respectively derived from the recovering problem of the hidden number α in MIHNP. For any positive integer constant d, let integer = 3+ (1) . Given a sufficiently large modulus p, n+1 samples of MIHNP, we present a heuristic algorithm to recover the hidden number$$\alpha $$ with a probability close to 1 when /log2 >1 +1+ (1 ). The overall time complexity of attack is polynomial in log2 , where the complexity of the LLL algorithm grows as dO(d) and the complexity of the Gröbner basis computation grows as(2d)O(n2). When >2, this asymptotic bound outperforms /log2 >1/3 which is the asymptotic bound proposed by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001. It is the first time that a better bound for solving MIHNP is given, which implies that the conjecture that MIHNP is hard whenever /log2 <1/3 is broken. Moreover, we also get the best result for attacking the Inversive Congruential Generator (ICG) up to now. NRF (Natl Research Foundation, S’pore) MOE (Min. of Education, S’pore) Accepted version 2020-04-24T06:33:48Z 2020-04-24T06:33:48Z 2019 Conference Paper Xu, J., Sarkar, S., Hu, L., Wang, H., & Pan, Y. (2019). New results on modular inversion hidden number problem and inversive congruential generator. Advances in Cryptology – CRYPTO 2019, 297-321. doi:10.1007/978-3-030-26948-7_11 9783030269470 https://hdl.handle.net/10356/138108 10.1007/978-3-030-26948-7_11 297 321 en © 2019 International Association for Cryptologic Research. All rights reserved. This paper was published in Advances in Cryptology – CRYPTO 2019 and is made available with permission of International Association for Cryptologic Research. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Science::Mathematics Modular Inversion Hidden Number Problem Inversive Congruential Generator |
| spellingShingle |
Science::Mathematics Modular Inversion Hidden Number Problem Inversive Congruential Generator Xu, Jun Sarkar, Santanu Hu, Lei Wang, Huaxiong Pan, Yanbin New results on modular inversion hidden number problem and inversive congruential generator |
| description |
The Modular Inversion Hidden Number Problem (MIHNP), introduced by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001, is briefly described as follows: Let MSB ( ) refer to the δ most significant bits of z. Given many samples( ,MSB (( + )−1mod ))(ti,MSBδ((α+ti)−1modp)) for random ∈ℤ , the goal is to recover the hidden number ∈ℤ . MIHNP is an important class of Hidden Number Problem. In this paper, we revisit the Coppersmith technique for solving a class of modular polynomial equations, which is respectively derived from the recovering problem of the hidden number α in MIHNP. For any positive integer constant d, let integer = 3+ (1) . Given a sufficiently large modulus p, n+1 samples of MIHNP, we present a heuristic algorithm to recover the hidden number$$\alpha $$ with a probability close to 1 when /log2 >1 +1+ (1 ). The overall time complexity of attack is polynomial in log2 , where the complexity of the LLL algorithm grows as dO(d) and the complexity of the Gröbner basis computation grows as(2d)O(n2). When >2, this asymptotic bound outperforms /log2 >1/3 which is the asymptotic bound proposed by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001. It is the first time that a better bound for solving MIHNP is given, which implies that the conjecture that MIHNP is hard whenever /log2 <1/3 is broken. Moreover, we also get the best result for attacking the Inversive Congruential Generator (ICG) up to now. |
| author2 |
School of Physical and Mathematical Sciences |
| author_facet |
School of Physical and Mathematical Sciences Xu, Jun Sarkar, Santanu Hu, Lei Wang, Huaxiong Pan, Yanbin |
| format |
Conference or Workshop Item |
| author |
Xu, Jun Sarkar, Santanu Hu, Lei Wang, Huaxiong Pan, Yanbin |
| author_sort |
Xu, Jun |
| title |
New results on modular inversion hidden number problem and inversive congruential generator |
| title_short |
New results on modular inversion hidden number problem and inversive congruential generator |
| title_full |
New results on modular inversion hidden number problem and inversive congruential generator |
| title_fullStr |
New results on modular inversion hidden number problem and inversive congruential generator |
| title_full_unstemmed |
New results on modular inversion hidden number problem and inversive congruential generator |
| title_sort |
new results on modular inversion hidden number problem and inversive congruential generator |
| publishDate |
2020 |
| url |
https://hdl.handle.net/10356/138108 |
| _version_ |
1681058119603453952 |