Random small Hamming weight products with applications to cryptography
نویسندگان
چکیده
There are many cryptographic constructions in which one uses a random power or multiple of an element in a group or a ring. We describe a fast method to compute random powers and multiples in certain important situations including powers in the Galois field F2n , multiples on Koblitz elliptic curves, and multiples in NTRU convolution polynomial rings. The underlying idea is to form a random exponent or multiplier as a product of factors, each of which has low Hamming weight when expanded as a sum of powers of some fast operation.
منابع مشابه
A New Baby-Step Giant-Step Algorithm and Some Applications to Cryptanalysis
We describe a new variant of the well known Baby-Step Giant-Step algorithm in the case of some discrete logarithms with a special structure. More precisely, we focus on discrete logarithms equal to products in groups of unknown order. As an example of application, we show that this new algorithm enables to cryptanalyse a variant of the GPS scheme proposed by Girault and Lefranc at CHES 2004 con...
متن کاملCounting Optimal Joint Digit Expansions
This paper deals with pairs of integers, written in base two expansions using digits 0,±1. Representations with minimal Hamming weight (number of non-zero pairs of digits) are of special importance because of applications in Cryptography. The interest here is to count the number of such optimal representations.
متن کاملMinimal weight expansions in Pisot bases
Abstract. For applications to cryptography, it is important to represent numbers with a small number of non-zero digits (Hamming weight) or with small absolute sum of digits. The problem of finding representations with minimal weight has been solved for integer bases, e.g. by the non-adjacent form in base 2. In this paper, we consider numeration systems with respect to real bases β which are Pi...
متن کاملCompact Encoding of Non-adjacent Forms with Applications to Elliptic Curve Cryptography
Techniques for fast exponentiation (multiplication) in various groups have been extensively studied for use in cryptographic primitives. Specifically, the coding of the exponent (multiplier) plays an important role in the performances of the algorithms used. The crucial optimization relies in general on minimizing the Hamming weight of the exponent (multiplier). This can be performed optimally ...
متن کاملOn the generalized Hamming weights of convolutional codes
Motivated by applications in cryptology, Wei (1991) introduced the concept of a generalized Hamming weight for a linear block code. In this correspondence, we define generalized Hamming weights for the class of convolutional codes and we derive several of their basic properties. By restricting to convolutional codes having a generator matrix G(D) with bounded Kronecker indices we are able to de...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Discrete Applied Mathematics
دوره 130 شماره
صفحات -
تاریخ انتشار 2003