The Modular Inversion Hidden Number Problem
نویسندگان
چکیده
We study a class of problems called Modular Inverse Hidden Number Problems (MIHNPs). The basic problem in this class is the following: Given many pairs 〈 xi, msbk ( (α+ xi) −1 mod p )〉 for random xi ∈ Zp the problem is to find α ∈ Zp (here msbk(x) refers to the k most significant bits of x). We describe an algorithm for this problem when k > (log2 p)/3 and conjecture that the problem is hard whenever k < (log2 p)/3. We show that assuming hardness of some variants of this MIHNP problem leads to very efficient algebraic PRNGs and MACs.
منابع مشابه
Finding Small Solutions of a Class of Simultaneous Modular Equations and Applications to Modular Inversion Hidden Number Problem and Inversive Congruential Generator
In this paper we revisit the modular inversion hidden number problem and the inversive congruential pseudo random number generator and consider how to more efficiently attack them in terms of fewer samples or outputs. We reduce the attacking problem to finding small solutions of systems of modular polynomial equations of the form ai+bix0+cixi+x0xi = 0 (mod p), and present two strategies to cons...
متن کاملOn the modular inversion hidden number problem
We give a rigorous deterministic polynomial time algorithm for the modular inversion hidden number problem introduced by D. Boneh, S. Halevi and N. A. Howgrave-Graham in 2001. For our algorithm we need to be given about 2/3 of the bits of the output, which matches one of the heuristic algorithms of D. Boneh, S. Halevi and N. A. Howgrave-Graham and answers one of their open questions. However th...
متن کاملInverse Problems in Imaging Systems and the General Bayesian Inversion Frawework
In this paper, first a great number of inverse problems which arise in instrumentation, in computer imaging systems and in computer vision are presented. Then a common general forward modeling for them is given and the corresponding inversion problem is presented. Then, after showing the inadequacy of the classical analytical and least square methods for these ill posed inverse problems, a Baye...
متن کاملSolving a Class of Modular Polynomial Equations and its Relation to Modular Inversion Hidden Number Problem and Inversive Congruential Generator
In this paper we revisit the modular inversion hidden number problem (MIHNP) and the inversive congruential generator (ICG) and consider how to attack them more efficiently. We consider systems of modular polynomial equations of the form aij + bijxi + cijxj + xixj = 0 (mod p) and show the relation between solving such equations and attacking MIHNP and ICG. We present three heuristic strategies ...
متن کاملModular Inversion Hidden Number Problem - Correction and Improvements
The Modular Inversion Hidden Number Problem (MIHNP) was introduced by Boneh, Halevi and Howgrave-Graham in Asiacrypt 2001 (BHH’01). They provided two heuristics in Method I, two-third of the output bits are required to solve the problem, whereas the more efficient heuristic (Method II) requires only one-third of the bits of the output. After more than a decade, here we identify that the claim i...
متن کامل