Author

Igor E. Shparlinski

Bio: Igor E. Shparlinski is an academic researcher from the University of New South Wales. The author has contributed to research in topics: Finite field & Prime (order theory). The author has an h-index of 42, has co-authored 934 publications receiving 10,137 citations. Previous affiliations of Igor E. Shparlinski include Max Planck Society & Russian Academy of Sciences.


Papers
Journal ArticleDOI
TL;DR: All previously known results for the elliptic curve variant of DSA (ECDSA) were only heuristic, including those of Howgrave-Graham and Smart who introduced the topic.
Abstract: Nguyen and Shparlinski have recently presented a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few consecutive bits of the random nonces k (used at each signature generation) are known for a number of DSA signatures at most linear in log q (q denoting as usual the small prime of DSA), under a reasonable assumption on the hash function used in DSA. The number of required bits is about (log q)^{1/2}, but can be decreased to log log q with a running time q^{O(1/log log q)} subexponential in log q, and even further to two in polynomial time if one assumes access to ideal lattice basis reduction, namely an oracle for the lattice closest vector problem for the infinity norm. All previously known results were only heuristic, including those of Howgrave-Graham and Smart who introduced the topic. Here, we obtain similar results for the elliptic curve variant of DSA (ECDSA).

207 citations

Book ChapterDOI
TL;DR: The polynomial-time algorithm presented in this chapter recovers the private key of the signer if a small portion of the bits of the so-called nonce in the Digital Signature Algorithm modulo a prime p is known for a number of signatures.
Abstract: Here we present the polynomial-time algorithm of [417] which recovers the private key of the signer if a small portion of the bits of the so-called nonce in the Digital Signature Algorithm modulo a prime p is known for a number of signatures.

179 citations

Book
04 Aug 2010
TL;DR: Bounds of character sums and multiplicative translations of sets, with applications to algebraic number fields, pseudo-random number generators and finite fields (including an enumeration problem in finite fields).
Abstract:
Part I. Preliminaries: 1. Introduction. 2. Notation and auxiliary results.
Part II. Bounds of Character Sums: 3. Bounds of long character sums. 4. Bounds of short character sums. 5. Bounds of character sums for almost all moduli. 6. Bounds of Gaussian sums.
Part III. Multiplicative Translations of Sets: 7. Multiplicative translations of subgroups of F_p^*. 8. Multiplicative translations of arbitrary sets modulo p.
Part IV. Applications to Algebraic Number Fields: 9. Representatives of residue classes. 10. Cyclotomic fields and Gaussian periods.
Part V. Applications to Pseudo-random Number Generators: 11. Prediction of pseudo-random number generators. 12. Congruential pseudo-random number generators.
Part VI. Applications to Finite Fields: 13. Small m-th roots modulo p. 14. Supersingular hyperelliptic curves. 15. Distribution of powers of primitive roots. 16. Difference sets in V_p. 17. Dimension of BCH codes. 18. An enumeration problem in finite fields.

174 citations

Journal ArticleDOI
TL;DR: In this paper, the DH Indistinguishability (DHI) assumption is investigated by means of bounds on double exponential sums, and the authors obtain an upper bound showing that the statistical distance from uniform is exponentially small.
Abstract: Let p be a large prime such that p − 1 has some large prime factors, and let ϑ ∈ ℤ_p^* be an r-th power residue for all small factors of p − 1. The corresponding Diffie-Hellman (DH) distribution is (ϑ^x, ϑ^y, ϑ^{xy}) where x, y are randomly chosen from ℤ_p^*. A recently formulated assumption is that given p, ϑ of the above form it is infeasible to distinguish in reasonable time between the DH distribution and triples of numbers chosen randomly from ℤ_p^*. This assumption, called the DH Indistinguishability (DHI) assumption, turns out to be quite useful and central in cryptography. In an effort to investigate the validity of this assumption, we study some statistical properties of DH distributions. Let ϑ be an element in ℤ_p^* with sufficiently high multiplicative order. We show that if one takes a positive (but sufficiently small) proportion of the most significant bits of each of ϑ^x, ϑ^y, ϑ^{xy} then one obtains a distribution whose statistical distance from uniform is exponentially small. A similar result holds with respect to the least significant bits of (ϑ^x, ϑ^y, ϑ^{xy}). We also show somewhat weaker bounds with respect to arbitrary subsets of bit-positions. This remarkable property may help gaining assurance in the DHI assumption. Our techniques are mainly number-theoretic. We obtain an upper bound for double exponential sums with the function aϑ^x + bϑ^y + cϑ^{xy} which sharpens and generalizes the previous estimates. In particular, our bound implies the following result (for p, ϑ of the above form): ranging over all x, y ∈ ℤ_p^*, the vectors (ϑ^x/p, ϑ^y/p, ϑ^{xy}/p) are very evenly distributed in the unit cube. In order to make this work accessible to two groups of researchers, cryptographers and number theorists, we have decided to make it as self-contained as possible. As a result, some parts of it, mainly targeted to one of these groups, may appear obvious to the other. In particular we present some basic notions of modern cryptography and, on the other hand, we give a short explanation of how exponential sums show up in various questions related to uniform distribution of sequences.

98 citations


Cited by
Journal ArticleDOI

08 Dec 2001-BMJ
TL;DR: There is, I think, something ethereal about i—the square root of minus one—which seemed an odd beast at that time: an intruder hovering on the edge of reality.
Abstract: There is, I think, something ethereal about i—the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality. Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

33,785 citations

Proceedings ArticleDOI
Craig Gentry
31 May 2009
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Abstract: We propose a fully homomorphic encryption scheme -- i.e., a scheme that allows one to evaluate circuits over encrypted data without being able to decrypt. Our solution comes in three steps. First, we provide a general result -- that, to construct an encryption scheme that permits evaluation of arbitrary circuits, it suffices to construct an encryption scheme that can evaluate (slightly augmented versions of) its own decryption circuit; we call a scheme that can evaluate its (augmented) decryption circuit bootstrappable. Next, we describe a public key encryption scheme using ideal lattices that is almost bootstrappable. Lattice-based cryptosystems typically have decryption algorithms with low circuit complexity, often dominated by an inner product computation that is in NC1. Also, ideal lattices provide both additive and multiplicative homomorphisms (modulo a public-key ideal in a polynomial ring that is represented as a lattice), as needed to evaluate general circuits. Unfortunately, our initial scheme is not quite bootstrappable -- i.e., the depth that the scheme can correctly evaluate can be logarithmic in the lattice dimension, just like the depth of the decryption circuit, but the latter is greater than the former. In the final step, we show how to modify the scheme to reduce the depth of the decryption circuit, and thereby obtain a bootstrappable encryption scheme, without reducing the depth that the scheme can evaluate. Abstractly, we accomplish this by enabling the encrypter to start the decryption process, leaving less work for the decrypter, much like the server leaves less work for the decrypter in a server-aided cryptosystem.

5,770 citations

Book
01 Jan 2009
TL;DR: This text can be used as the basis for an advanced undergraduate or a graduate course on the subject, or for self-study, and is certain to become the definitive reference on the topic.
Abstract: Analytic Combinatorics is a self-contained treatment of the mathematics underlying the analysis of discrete structures, which has emerged over the past several decades as an essential tool in the understanding of properties of computer programs and scientific models with applications in physics, biology and chemistry. Thorough treatment of a large number of classical applications is an essential aspect of the presentation. Written by the leaders in the field of analytic combinatorics, this text is certain to become the definitive reference on the topic. The text is complemented with exercises, examples, appendices and notes to aid understanding; therefore, it can be used as the basis for an advanced undergraduate or a graduate course on the subject, or for self-study.

3,616 citations

Book
01 Jan 2004
TL;DR: This guide explains the basic mathematics, describes state-of-the-art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment, as well as side-channel attacks and countermeasures.
Abstract: After two decades of research and development, elliptic curve cryptography now has widespread exposure and acceptance. Industry, banking, and government standards are in place to facilitate extensive deployment of this efficient public-key mechanism. Anchored by a comprehensive treatment of the practical aspects of elliptic curve cryptography (ECC), this guide explains the basic mathematics, describes state-of-the-art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment. In addition, the book addresses some issues that arise in software and hardware implementation, as well as side-channel attacks and countermeasures. Readers receive the theoretical fundamentals as an underpinning for a wealth of practical and accessible knowledge about efficient application. Features & Benefits: * Breadth of coverage and unified, integrated approach to elliptic curve cryptosystems * Describes important industry and government protocols, such as the FIPS 186-2 standard from the U.S. National Institute of Standards and Technology * Provides full exposition on techniques for efficiently implementing finite-field and elliptic curve arithmetic * Distills complex mathematics and algorithms for easy understanding * Includes useful literature references, a list of algorithms, and appendices on sample parameters, ECC standards, and software tools. This comprehensive, highly focused reference is a useful and indispensable resource for practitioners, professionals, or researchers in computer science, computer engineering, network design, and network data security.

2,893 citations