A survey of cryptosystems based on imaginary quadratic orders
نویسنده
چکیده
Since nobody can guarantee that popular public key cryptosystems based on factoring or the computation of discrete logarithms in some group will stay secure forever, it is important to study different primitives and groups which may be utilized if a popular class of cryptosystems gets broken. A promising candidate for a group in which the DL-problem seems to be hard is the class group Cl(∆) of an imaginary quadratic order, as proposed by Buchmann and Williams [BuWi88]. Recently this type of group has obtained much attention, because there was proposed a very efficient cryptosystem based on non-maximal imaginary quadratic orders [PaTa98a], later on called NICE (for New Ideal Coset Encryption) with quadratic decryption time. To our knowledge this is the only scheme having this property. First implementations show that the time for decryption is comparable to RSA encryption with e = 216 + 1. Very recently there was proposed an efficient NICE-Schnorr type signature scheme [HuMe99] for which the signature generation is more than twice as fast as in the original scheme based on IFp. Due to these results there has been increasing interest in cryptosystems based on imaginary quadratic orders. Therefore it seems necessary to provide an up to date survey to facilitate further work in this direction. Our survey will discuss the history, the state of the art and future directions of cryptosystems based on imaginary quadratic orders.
منابع مشابه
Security of Cryptosystems Based on Class Groups of Imaginary Quadratic Orders
In this work we investigate the difficulty of the discrete logarithm problem in class groups of imaginary quadratic orders. In particular, we discuss several strategies to compute discrete logarithms in those class groups. Based on heuristic reasoning, we give advice for selecting the cryptographic parameter, i.e. the discriminant, such that cryptosystems based on class groups of imaginary quad...
متن کاملOn the Public Key Cryptosystems over Class Semigroups of Imaginary Quadratic Non-maximal Orders
In this paper we will propose the methods for finding the non-invertible ideals corresponding to non-primitive quadratic forms and clarify the structures of class semigroups of imaginary quadratic orders which were given by Zanardo and Zannier [8], and we will give a general algorithm for calculating power of ideals/classes via the Dirichlet composition of quadratic forms which is applicable to...
متن کاملReducing Logarithms in Totally Non-maximal Imaginary Quadratic Orders to Logarithms in Finite Fields
Since nobody can guarantee that the computation of discrete logarithms in elliptic curves or IF p remains intractible for the future it is important to study cryptosystems based on alternative groups. A promising candidate, which was proposed by Buch-mann and Williams 8], is the class group C l(() of an imaginary quadratic order O. This ring is isomorphic to the endomorphism ring of a non-super...
متن کاملA NICE Cryptanalysis
We present a chosen-ciphertext attack against both NICE cryptosystems. These two cryptosystems are based on computations in the class group of non-maximal imaginary orders. More precisely, the systems make use of the canonical surjection between the class group of the quadratic order of discriminant p −pq2 and the class group of the quadratic order of discriminant √−p. In this paper, we examine...
متن کاملAn Adaptation of the NICE Cryptosystem to Real Quadratic Orders
Security of electronic data has become indispensable to today’s global information society, and public-key cryptography, a key element to securing internet communication, has gained increasing interest as a vital subject of research. Numerous public-key cryptosystems have been proposed that use allegedly intractable number theoretic problems as a basis of their security. One example is NICE, in...
متن کامل