Ikkwon Yie

XTR Extended to GF(p6m)

A. K. Lenstra and E. R. Verheul in [2] proposed a very efficient way called XTR in which certain subgroup of the Galois field GF(p6) can be represented by elements in GF(p2). At the end of their paper [2], they briefly mentioned on a method of generalizing their idea to the field GF(p6m). In this paper, we give a systematic design of this generalization and discuss about optimal choices for p and m with respect to performances. If we choose m large enough, we can reduce the size of p as small as the word size of common processors. In such a case, this extended XTR is well suited for the processors with optimized arithmetic on integers of word size.

CERTAIN CUBIC POLYNOMIALS OVER FINITE FIELDS

Motivated by XTR cryptosystem which is based on an irre- ducible polynomial x 3 i cx 2 + c p x i 1 over Fp2, we study polynomials of the form F(c;x) = x 3 i cx 2 + c q x i 1 over Fq2 with q = p m . In this paper, we establish a one to one correspondence between the set of such polynomials and a certain set of cubic polynomials over Fq. Our ap- proach is rather theoretical and provides an e-cient method to generate irreducible polynomials over Fq2.

Untraceability of Group Signature Schemes based on Bilinear Mapping and Their Improvement

The traceability is one of the core requirements for group signature schemes. Group signature schemes based on the bilinear mapping were proposed. The bilinearity of a bilinear mapping allows an efficient signature scheme verification for signature schemes based on the discrete logarithm type problem. But the bilinearity of a bilinear mapping can be an attack point with respect to the traceability for group signature schemes when it is designed in such a way that the linearity can be preserved. We show that Cheng-Zhu-Qiu-Wangs group signature schemes (X. Chen et al., 2005) based on bilinear mapping have no traceability property due to their improper use of a bilinear mapping in their signature generation and verification step. We also propose security enhanced group signature schemes for both of mini group signature scheme and improved group signature scheme of Cheng-Zhu-Qiu-Wangs

A privacy problem on Hu-Huang's proxy key generation protocol

A proxy signature scheme enables an original signer to delegate his signing capability to a proxy signer and then the proxy signer can sign a message on behalf of the original signer. Recently, several ID-based proxy signature schemes have been proposed. ID-based Cryptosystems (ID-Cs) are advantageous than the traditional Public Key Cryptosystems (PKCs), as the key distribution is not required. But, an inherent problem of ID-Cs is the key escrow. Hu and Huang also proposed an ID-based proxy signature scheme with proxy key generation protocol. In Hu-Huangs scheme, whenever the original signer requests the Public Key Generation Center (PKG) to generate a proxy derivation key for a designated proxy signer, it generates a proxy key using the proxy signers private key without his agreement. Thus, the PKG gets to infringe general privacy laws and regulations. Also, this is an example of PKGs misuse of the users private key due to ID-Cs key escrow problem. To solve these problems we propose an improvement of Hu-Huangs scheme.

Prime Numbers of Diffie-Hellman Groups for IKE-MODP

For Discrete Logarithm Problem(DLP) based public key cryptography, the most time consuming task is the mathematical operations in the underlying finite field. For computational efficiency, a predeterminate form of prime p has been proposed to be used in Diffie-Hellman Groups for Internet Key Exchange(IKE). In this paper, we analyze the effect of pre-fixed bits of the prime numbers related to the security and efficiency and we suggest some alternative choices for prime p’s for More Modular Exponential (MODP) Diffie-Hellman groups as a substitute for Internet Key Exchange(IKE) which has been published as RFC of IETF recently.

Fast Generation of Cubic Irreducible Polynomials for XTR

XTR cryptosystem makes use of an irreducible polynomial F(c, x) = x3 - cx2 + cpx - 1 over a finite field Fp2. In this paper, we develop a new method to generate such an irreducible polynomial. Our method requires only computations of Jacobi symbols and thus improves those given [1], [2] and [3].

A Lattice Attack on Homomorphic NTRU with Non-invertible Public Keys

In 2011, Stehle and Steinfeld modified the original NTRU to get a provably IND-CPA secure NTRU under the hardness assumption of standard worst-case problems over ideal lattices. In 2012, Lopez-Alt et al. proposed the first multikey fully homomorphic encryption scheme based on the IND-CPA secure NTRU. Interestingly, this homomorphic NTRU and subsequent homomorphic variants of NTRU removed the condition ‘invertible public key’ of the underlying IND-CPA secure NTRU. In this paper, we investigate the security influence of using non-invertible public key in the homomorphic NTRU. As a result, we present how to mount a lattice attack to message recovery for the homomorphic NTRU when the public key is non-invertible. Our result suggests that using invertible public keys in the homomorphic NTRU is necessary for its security.

On Pairing Inversion of the Self-bilinear Map on Unknown Order Groups

A secure self-bilinear map is attractive since it can be naturally extended to a secure multi-linear map which has versatile applications in cryptography. However, it was known that a self-bilinear map on a cyclic group of a known order cannot be cryptographically secure. In 2014, Yamakawa et al. presented a self-bilinear map, the YYHK pairing, on unknown order groups by using an indistinguishability obfuscator as a building block. In this paper, we prove that the Pairing Inversion (PI) of the YYHK pairing is equivalently hard to the factorization of RSA modulus N as long as iO in the scheme is an indistinguishability obfuscator. First, we prove that the General Pairing Inversion (GPI) of the YYHK pairing \(e:G\times G\rightarrow G\) is always solvable. By using the solvability of GPI, we prove that PI and BDHP for the YYHK-pairing e are equivalently hard to CDHP in the cyclic group G. This equivalence concludes that PI for the YYHK-pairing is equivalently hard to the factorization of N.

Groups of permutations generated by functionlinear translator pairs

In [8], G. Kyureghyan showed that the function F(x)=x+f(x) is a permutation of Fqm when f:FqmFq is a function, Fqm is a b-linear translator for f for some b(1)Fq. His idea has been extended in [19] by Qin et al. and in [9] by M. Kyureghyan and Abrahamyan to finitely many functionlinear translator pairs. In this paper, we study the permutations generated by functionlinear translator pairs along G. Kyureghyans idea and prove that these permutations form groups whose group structures are well understood.

A correspondence of certain irreducible polynomials over finite fields

Abstract An explicit correspondence between certain cubic irreducible polynomials over F q and cubic irreducible polynomials of special type over F q 2 was established by Kim et al. In this paper, we give a generalization of their result to irreducible polynomials of odd prime degree. Our result includes the result of Kim et al. as a special case where the degree is three.