Hidden Number Problem in Small Subgroups
نویسندگان
چکیده
Boneh and Venkatesan have proposed a polynomial time algorithm for recovering a ”hidden” element α ∈ IFp, where p is prime, from rather short strings of the most significant bits of the residue of αt modulo p for several randomly chosen t ∈ IFp. González Vasco and the first author have recently extended this result to subgroups of IFp of order at least p 1/3+ε for all p and to subgroups of order at least pε for almost all p. Here we introduce a new modification in the scheme which amplifies the uniformity of distribution of the ‘multipliers’ t and thus extend this result to subgroups of order at least (log p)/(log log p)1−ε for all primes p. As in the above works, we give applications of our result to the bit security of the Diffie–Hellman secret key starting with subgroups of very small size, thus including all cryptographically interesting subgroups.
منابع مشابه
A Nonuniform Algorithm for the Hidden Number Problem in Subgroups
Boneh and Venkatesan have proposed a polynomial time algorithm in a non-uniform model for recovering a ”hidden” element α ∈ IFp, where p is prime, from very short strings of the most significant bits of the residue of αt modulo p for several randomly chosen t ∈ IFp. Here we modify the scheme and amplify the uniformity of distribution of the ‘multipliers’ t and thus extend this result to subgrou...
متن کاملOn Quantum Algorithms for Noncommutative Hidden Subgroups
Quantum algorithms for factoring and finding discrete logarithms have previously been generalized to finding hidden subgroups of finite Abelian groups. This paper explores the possibility of extending this general viewpoint to finding hidden subgroups of noncommutative groups. We present a quantum algorithm for the special case of dihedral groups which determines the hidden subgroup in a linear...
متن کاملA hidden number problem in small subgroups
Boneh and Venkatesan have proposed a polynomial time algorithm for recovering a hidden element α ∈ Fp, where p is prime, from rather short strings of the most significant bits of the residue of αt modulo p for several randomly chosen t ∈ Fp. González Vasco and the first author have recently extended this result to subgroups of Fp of order at least p 1/3+ε for all p and to subgroups of order at ...
متن کاملHidden Subgroup States Are Almost Orthogonal
It is well known that quantum computers can eeciently nd a hidden subgroup H of a nite Abelian group G. This implies that after only a polynomial (in log jGj) number of calls to the oracle function, the states corresponding to diierent candidate subgroups have exponentially small inner product. We show that this is true for noncom-mutative groups also. We present a quantum algorithm which ident...
متن کاملQuantum measurements for hidden subgroup problems with optimal sample complexity
One of the central issues in the hidden subgroup problem is to bound the sample complexity, i.e., the number of identical samples of coset states sufficient and necessary to solve the problem. In this paper, we present general bounds for the sample complexity of the identification and decision versions of the hidden subgroup problem. As a consequence of the bounds, we show that the sample compl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2003 شماره
صفحات -
تاریخ انتشار 2003