Skip to main content
MathOverflow

Questions tagged [cryptography]

Ask Question

Questions concerning the mathematics of secure communication. Relevant topics include elliptic curve cryptography, secure key exchanges, and public-key cryptography (e.g. the RSA cryptosystem).

217 questions
Newest Active Bountied Unanswered
2 votes
1 answer
60 views

I am implementing threshold Paillier encryption scheme. In the "regular" Paillier scheme, the decryption key is defined as $d = \phi(N)$ whereas in the instantiation of threshold Paillier I ...
leoha's user avatar
  • 21
4 votes
1 answer
340 views

In cryptography, it seems to be a common choice to use the so-called Jacobian coordinates to represent a point of an elliptic curve (see e.g. Elliptic Curves: Number Theory and Cryptography, L. C. ...
Weier's user avatar
  • 371
2 votes
1 answer
141 views

We define the successive minima in a lattice $L$ of rank $n$ as in Daniele Micciancio and Shafi Goldwasser, Complexity of lattice problems. A cryptographic perspective, The Kluwer International Series ...
Wulfhartus's user avatar
  • 41
2 votes
0 answers
580 views

First, remember bn curves is a class of elliptic curves defined over curve $y^2=x^3+3$ with embedding degree 12 and $\mathbb G_2$ points lying over the curve twist $\frac {Y^2 = X^3 + 3}{i+9}$ defined ...
Emilie's user avatar
  • 67
1 vote
0 answers
108 views

The aim is for pairing inversion where miller inversion can only work if an equation is satisfied. So given a finite field modulus $q$ having degree $k$ ; and a finite field element $z$ having ...
Emilie's user avatar
  • 67
2 votes
0 answers
192 views

Let it be a finite field $FF$ with 2 finite field elements having their discrete logarithm in a large prime subgroup $s$ of $FF$… Will the only way to map the discrete logarithm of $FF$ always be to ...
Emilie's user avatar
  • 67
-3 votes
2 answers
688 views

Background and Motivation The golden ratio, $$ \phi = \frac{1 + \sqrt{5}}{2}, $$ is a well-known irrational constant that appears frequently in geometry, algebra, and in the Fibonacci and Lucas ...
Dev Sharma's user avatar
  • 559
1 vote
0 answers
216 views

There are many NP-complete problems, e.g. SAT, CVP, SIS, graph colouring, Minesweeper etc. By definition there are polynomial time reductions from one to another of these, at least in their decision ...
Oisin Robinson's user avatar
  • 273
2 votes
1 answer
138 views

There are several algorithms for lattice reductions in $n$-dimensions, LLL, etc. Here the lattice in question is in ${\mathbb R}^n$ and the basis vectors $b_1, \ldots, b_n$ are usually assumed to be ...
Victor Ramos's user avatar
  • 1,426
1 vote
1 answer
104 views

In Theorem 8 of Micciancio’s lecture notes, a reduction from the Closest Vector Problem (CVP) to its optimization version (OptCVP) is given under the assumption that the lattice basis $B \in \mathbb{Z}...
Sunil Kumar's user avatar
  • 21
1 vote
1 answer
229 views

We got some unexpected to us results. Let $E$ be an elliptic curve over a finite field of large characteristic. For positive integer $k$, let $D=2^k$ and assume the order of $E$ is $\rho=D t$ with $t$ ...
joro's user avatar
  • 25.7k
3 votes
1 answer
348 views

During my research, I came across this question. Let $p>11$ a prime number with $a=\text{card}\{(x,y) \in \mathbb Z/ p \mathbb Z: y^2=x^3+1\}$ and $b=\dfrac 1 {((p-1)/2)! \times ((p-1)/3)! \times ((...
Dattier's user avatar
  • 6,003
1 vote
0 answers
109 views

As context, I'll start with summarizing and simplifying the section of "UMAC: Fast and Secure Message Authentication", by Black et al.(https://www.cs.ucdavis.edu/~rogaway/papers/umac-full....
Jim Apple's user avatar
  • 111
3 votes
0 answers
143 views

An $n$ dimensional lattice is the set of integer linear combinations of $n$ linearly independent vectors in $\mathbb{R}^{d}$ ($d\le n$). The $n$ independent vectors are called the basis of the lattice,...
Péter Fazekas's user avatar
  • 169
2 votes
0 answers
129 views

I should start with stating that my question stems from the proof of lemma 6 in the following paper: Jung Hee Cheon, Hyeongmin Choe, Julien Devevey, Tim Güneysu, Dongyeon Hong, Markus Krausz, Georg ...
Jaz's user avatar
  • 21

15 30 50 per page
1
2 3 4 5
15