Security and E ciency Analyses of Public Key Cryptosystems

This thesis analyzes the security and e ciency of public key cryptosystems. New attacks for several cryptosystems are proposed and the e ectiveness of the attacks is evaluated. Furthermore, solutions are given to several unsolved problems in computational number theory and algebraic geometry theory that are closely related to the security of public key cryptosystems. Moreover, new calculation methods are proposed to speed up encryption and decryption. This thesis consists of the following eight chapters. Chapter 1 is the introduction. We explain the main purpose of our studies and overview previous works related to our studies. Chapter 2 gives the preliminaries. We summarize the mathematics and cryptosystems appearing in this thesis. We analyze the security of several cryptosystems from Chapter 3 to Chapter 6. In Chapter 3, we investigate how the elliptic curve factoring method, which is an e cient attack for public key cryptosystems, especially RSA cryptosystem, can be speeded up. In Chapter 4, we analyze the security of a certain type of elliptic curve cryptosystem de ned over a composite modulus. We also investigate the di culty of a known problem | the problem of counting the number of points on an elliptic curve over the ring Z=nZ |. This problem is assumed to be as di cult to solve as the cryptosystem is to break. We prove that this problem is computationally equivalent to a factoring problem. In Chapter 5, we investigate the di culty of an elliptic curve discrete logarithm problem over a super-anomalous elliptic curve. We prove that this problem can be solved in deterministic polynomial time. In Chapter 6, the multi-variate RSA cryptosystem is de ned and its security and e ciency are evaluated. We prove that this cryptosystem can be broken under an unusual usage. In Chapter 7, we describe how to speed up public key cryptosystems. We propose new methods to generate short addition chains. Moreover, we evaluate their e ciency. Chapter 8 is the conclusion. We summarize results obtained in this thesis.