In this paper we construct the multi-dimensional p-adic approximation lattices by using simultaneous approximation problems (SAP) of p-adic numbers and we estimate the l(infinity) norm of the p-adic SAP solutions theo...
详细信息
In this paper we construct the multi-dimensional p-adic approximation lattices by using simultaneous approximation problems (SAP) of p-adic numbers and we estimate the l(infinity) norm of the p-adic SAP solutions theoretically by applying Dirichlet's principle and numerically by using the lll algorithm. By using the SAP solutions as private keys, the security of which depends on NP-hardness of SAP or the shortest vector problems (SVP) of p-adic lattices, we propose a p-adic knapsack cryptosystem with commitment schemes, in which the sender Alice prepares ciphertexts and the verification keys in her p-adic numberland.
At TrustCom 2013, Govinda Ramaiah and Vijaya Kumari proposed a new protocol for verifying the integrity of the data stored at the remote cloud server, based on a practical version of homomorphic encryption based on in...
详细信息
ISBN:
(数字)9783319491516
ISBN:
(纸本)9783319491516;9783319491509
At TrustCom 2013, Govinda Ramaiah and Vijaya Kumari proposed a new protocol for verifying the integrity of the data stored at the remote cloud server, based on a practical version of homomorphic encryption based on integers. This protocol attempted to combine the data integrity and confidentiality in new ways. The authors claimed that the privacy guarantee of this new protocol is totally dependent on the security of the homomorphic encryption scheme. In this paper, we present a chosen-plaintext attack on this homomorphic encryption scheme. Our attack only needs to apply lll algorithm twice on two small dimension lattices, and the experiments data shows that the user data can be recovered in seconds for the security parameters recommended by the authors. Hence, the privacy of the user data in this protocol can not be guaranteed and the security of this protocol is overestimated.
Recently, in [6] Gomez et al. presented algorithms to recover a decomposition of an integer N = rA(2) + sB(2), where N, r, s are positive integers, and A, B are the wanted unknowns. Their first algorithm recovers two ...
详细信息
ISBN:
(纸本)9783319388984;9783319388977
Recently, in [6] Gomez et al. presented algorithms to recover a decomposition of an integer N = rA(2) + sB(2), where N, r, s are positive integers, and A, B are the wanted unknowns. Their first algorithm recovers two addends by directly using rigorous Coppersmith's bivariate integer method when the error bounds of given approximations to A and B are less than N-1/6. Then by combining with the linearization technique, they improved this theoretical bound to N-1/4. In this paper, we heuristically reach the bound N-1/4 with experimental supports by transforming the integer polynomial concerned in their first algorithm into a modular one. Then we describe a better heuristic algorithm, the dimension of the lattice involved in this improved method is much smaller under the same error bounds.
Luk and Tracy (2008) [7] developed a matrix interpretation of the lll algorithm. Building on their work [7], we propose to add pivoting to the algorithm. We prove that our new algorithm always terminates, and we const...
详细信息
Luk and Tracy (2008) [7] developed a matrix interpretation of the lll algorithm. Building on their work [7], we propose to add pivoting to the algorithm. We prove that our new algorithm always terminates, and we construct a class of ill-conditioned reduced matrices to illustrate the advantages of pivoting. (C) 2010 Elsevier Inc. All rights reserved.
The lll algorithm is a well-known and widely used lattice basis reduction algorithm. hi many applications, its speed is critical. Parallel computing can improve speed. However, the original lll is sequential in nature...
详细信息
ISBN:
(纸本)9781450306263
The lll algorithm is a well-known and widely used lattice basis reduction algorithm. hi many applications, its speed is critical. Parallel computing can improve speed. However, the original lll is sequential in nature. In this paper, we present a multi-threading lll algorithm based on a recently unproved version: all lll algorithm with delayed size reduction.
In Crypto 2010, Kiltz, O'Neill and Smith used m-prime RSA modulus N with m >= 3 for constructing lossy RSA. The security of the proposal is based on the Multi-Prime Phi-Hiding Assumption. In this paper, we prop...
详细信息
ISBN:
(纸本)9783319458717;9783319458700
In Crypto 2010, Kiltz, O'Neill and Smith used m-prime RSA modulus N with m >= 3 for constructing lossy RSA. The security of the proposal is based on the Multi-Prime Phi-Hiding Assumption. In this paper, we propose a heuristic algorithm based on the Herrmann-May lattice method (Asiacrypt 2008) to solve the Multi-Prime Phi-Hiding Problem when prime e > N-2/3m. Further, by combining with mixed lattice techniques, we give an improved heuristic algorithm to solve this problem when prime e > N2/3m-1/4m2. These two results are verified by our experiments. Our bounds are better than the existing works.
As the large-scale multiple-input multiple-output (MIMO) systems have been advanced in wireless communication, the low complexity and high performance receiver technique have been required. Recently, lattice reduction...
详细信息
ISBN:
(纸本)9781509008056
As the large-scale multiple-input multiple-output (MIMO) systems have been advanced in wireless communication, the low complexity and high performance receiver technique have been required. Recently, lattice reduction technique have attracted attention in MIMO detection. Especially, lattice reduction aided linear detection like zero-forcing (ZF) can largely improve the performance with low complexity. Among all the lattice reduction algorithms, the Lenstra-Lenstra-Lovasz (lll) algorithm is well-known and widely used algorithm. lll algorithm reduces the basis of channel matrix by using two conditions and it adopts a parameter in order to get nearly orthogonal basis. Although the parameter is defined range, a constant value is commonly used. However it can't be said that the constant value is the best value for all MIMO system. In this paper, we propose an appropriate parameter to reduce computational complexity in lll algorithm for ZF detection and we also propose an architecture to adapt our proposed parameter in MIMO detection. The proposed parameter is showed simply and corresponds to the number of antennas. Simulation results show that the proposed parameter provides lll lattice reduction aided ZF detection achieving the same performance as the widely used constant value with lower complexity and also correspond to every MIMO system including large-scale MIMO system.
In this paper, we consider a variant of RSA schemes called Prime Power RSA with modulus N= prq for r 2, where p, q are of the same bit-size. May showed that when private exponent d<N;/(r+1);or d < N;, N can be...
详细信息
In this paper, we consider a variant of RSA schemes called Prime Power RSA with modulus N= prq for r 2, where p, q are of the same bit-size. May showed that when private exponent d
In this paper, we investigate the security property of RSA when some middle bits of the private key d are known to an attacker. Using the technique of unravelled linearization, we present a new attack on RSA with know...
详细信息
In this paper, we investigate the security property of RSA when some middle bits of the private key d are known to an attacker. Using the technique of unravelled linearization, we present a new attack on RSA with known middle bits, which improves a previous result under certain circumstance. Our approach is based on Coppersmith's method for finding small roots of modular polynomial equations.
暂无评论