Non-uniform cracks in the concrete: The power of free precomputation

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8270 LNCS, Issue PART 2, 2013, Pages 321-340

  Bernstein, Daniel J ^a,b   Lange, Tanja ^b  

^a University of Illinois at Chicago   (United States)

^b EINDHOVEN UNIVERSITY OF TECHNOLOGY   (Netherlands)

Author keywords

algorithm cost metrics; concrete security; non constructive algorithms; non uniform algorithms; provable security

Indexed keywords

CONCRETE SECURITIES; COST METRICS; HIGHER-LEVEL PROTOCOLS; NON-UNIFORM; PROVABLE SECURITY; SECURITY DEFINITIONS; SECURITY PROBLEMS; STANDARD DEFINITIONS;

ALGORITHMS; CONCRETES; SECURITY OF DATA;

CRYPTOGRAPHY;

EID: 84892402173     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-42045-0_17     Document Type: Conference Paper

References (49)

1. Bellare, M.: New proofs for NMAC and HMAC: Security without collisionresistance. In: Crypto 2006 [40], pp. 602-619 (2006) Cited in §1, §1.1, §1.3, §2.6
2. Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: Crypto 1994 [38], pp. 341-358 (1994); see also newer version [12]. Cited in §1.2
3. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences 61, 362-399 (2000); see also older version [11]. Cited in §1, §1, §1, §1.2, §1.2, §1.2
4. Bellare, M., Rogaway, P.: Optimal asymmetric encryption-how to encrypt with RSA. In: Eurocrypt 1994 [37], pp. 92-111 (1995) Cited in §1
5. Bellare, M., Rogaway, P.: The exact security of digital signatures: How to sign with RSA and Rabin. In: Eurocrypt 1996 [64], pp. 399-416 (1996) Cited in §1, §1.1
6. Bellare, M., Rogaway, P.: Introduction to modern cryptography (2005), http://cseweb.ucsd.edu/∼mihir/cse207/classnotes.html. Cited in §1, §1.1, §2.6
7. Bernstein, D.J.: Circuits for integer factorization: A proposal (2001), http://cr.yp.to/papers.html#nfscircuit. Cited in §5.4
8. Bernstein, D.J.: How to find smooth parts of integers (2004), http://cr.yp.to/papers.html#smoothparts. Cited in § 5.1
9. Bernstein, D.J.: Scaled remainder trees (2004), http://cr.yp.to/papers. html#scaledmod. Cited in §5.3
10. Bernstein, D.J., Lange, T.: Computing small discrete logarithms faster. In: Indocrypt 2012 [41], pp. 317-338 (2012) Cited in §3.2, §3.4
11. Biham, E., Goren, Y.J., Ishai, Y.: Basing weak public-key cryptography on strong one-way functions. In: TCC 2008 [31], pp. 55-72 (2008) Cited in §2.6
12. Biryukov, A., Shamir, A.: Cryptanalytic time/memory/data tradeoffs for stream ciphers. In: Asiacrypt 2000 [70], pp. 1-13 (2000) Cited in §2.6
13. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Asiacrypt 2011 [60], pp. 344-371 (2011) Cited in §1
14. Brent, R.P., Kung, H.T.: The area-time complexity of binary multiplication. Journal of the ACM 28, 521-534 (1981) Cited in §1.2
15. Buhler, J.P., Lenstra Jr., H.W., Pomerance, C.: Factoring integers with the number field sieve. In: [63], pp. 50-94 (1993) Cited in §5.1, §5.1, §5.1, §5.4
16. Canetti, R. (ed.): TCC 2008. LNCS, vol. 4948. Springer (2008). See [23]
17. Commeine, A., Semaev, I.: An algorithm to solve the discrete logarithm problem with the number field sieve. In: PKC 2006 [91], pp. 174-190 (2006) Cited in §4.2
18. Coppersmith, D.: Modifications to the number field sieve. Journal of Cryptology 6, 169-180 (1993) Cited in §5.4, §5.4
19. De, A., Trevisan, L., Tulsiani, M.: Non-uniform attacks against one-way functions and PRGs. Electronic Colloquium on Computational Complexity 113 (2009); see also newer version [36]
20. De, A., Trevisan, L., Tulsiani, M.: Time space tradeoffs for attacks against oneway functions and PRGs. In: Crypto 2010 [ 75], pp. 649-665 (2010); see also older version [35]. Cited in §2.6, §2.6
21. De Santis, A. (ed.): Eurocrypt 1994. LNCS, vol. 950. Springer (1995). See [14]
22. Desmedt, Y. (ed.): Crypto 1994. LNCS, vol. 839. Springer (1994). See [11]
23. Dodis, Y., Steinberger, J.: Message authentication codes from unpredictable block ciphers. In: Crypto 2009 [44], pp. 267-285 (2009) Cited in §2.6
24. Dwork, C. (ed.): Crypto 2006. LNCS, vol. 4117. Springer (2006). See [7]
25. Galbraith, S., Nandi, M. (eds.): Indocrypt 2012. LNCS, vol. 7668. Springer (2012). See [22]
26. Halevi, S. (ed.): Crypto 2009. LNCS, vol. 5677. Springer (2009). See [39]
27. Hellman, M.E.: A cryptanalytic time-memory tradeoff. IEEE Transactions on Information Theory 26, 401-406 (1980) Cited in §2.6
28. Hitchcock, Y., Montague, P., Carter, G., Dawson, E.: The efficiency of solving multiple discrete logarithm problems and the implications for the security of fixed elliptic curves. International Journal of Information Security 3, 86-98 (2004) Cited in §3.4
29. Hong, J., Sarkar, P.: New applications of time memory data tradeoffs. In: Asiacrypt 2005 [78], pp. 353-372 (2005) Cited in §2.6
30. Joux, A., Lercier, R.: Improvements to the general number field sieve for discrete logarithms in prime fields. A comparison with the Gaussian integer method. Mathematics of Computation 72, 953-967 (2003) Cited in §4.2
31. Katz, J., Lindell, Y.: Introduction to modern cryptography: Principles and protocols. Chapman & Hall/CRC (2007) Cited in §1
32. Koblitz, N., Menezes, A.: Another look at HMAC (2012), http://eprint.iacr.org/2012/074. Cited in §1.2, §1.3, §1.3, §1.3, §2.6
33. Koblitz, N., Menezes, A.: Another look at non-uniformity (2012), http://eprint.iacr.org/2012/359. Cited in §1.2, §1.3, §1.3
34. Kuhn, F., Struik, R.: Random walks revisited: Extensions of Pollard's rho algorithm for computing multiple discrete logarithms. In: SAC 2001 [89], pp. 212-229 (2001) Cited in §3.4
35. Lee, D.H., Wang, X. (eds.): Asiacrypt 2011. LNCS, vol. 7073. Springer (2011). See [27]
36. Lee, H.T., Cheon, J.H., Hong, J.: Accelerating ID-based encryption based on trapdoor DL using pre-computation, 11 January 2012 (2012), http://eprint.iacr.org/2011/187. Cited in §3.4
37. Lenstra, A.K., Lenstra Jr., H.W. (eds.): The development of the number field sieve. LNM, vol. 1554. Springer (1993). See [30]
38. Maurer, U.M. (ed.): Eurocrypt 1996. LNCS, vol. 1070. Springer (1996). See [15]
39. NIST: Announcing request for candidate algorithm nominations for the Advanced Encryption Standard (AES) (1997), http://www.gpo.gov/fdsys/pkg/FR-1997- 09-12/pdf/97-24214.pdf. Cited in §1
40. NIST: Digital signature standard, Federal Information Processing Standards Publication 186-2 (2000), http://csrc.nist.gov. Cited in §3
41. Okamoto, T. (ed.): Asiacrypt 2000. LNCS, vol. 1976. Springer (2000). See [25]
42. van Oorschot, P.C., Wiener, M.: Parallel collision search with cryptanalytic applications. Journal of Cryptology 12, 1-28 (1999) Cited in §3.1
43. Pollard, J.M.: Monte Carlo methods for index computation mod p. Mathematics of Computation 32, 918-924 (1978) Cited in §3.1
44. Rabin, T. (ed.): Crypto 2010. LNCS, vol. 6223. Springer (2010). See [36]
45. Roy, B. (ed.): Asiacrypt 2005. LNCS, vol. 3788. Springer (2005). See [49]
46. Schönhage, A.: Storage modification machines. SIAM Journal on Computing 9, 490-508 (1980) Cited in §5.3
47. Teske, E.: On random walks for Pollard's rho method. Mathematics of Computation 70, 809-825 (2001) Cited in §3.1
48. Vaudenay, S., Youssef, A.M. (eds.): SAC 2001. LNCS, vol. 2259. Springer (2001). See [58]
49. Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.): PKC 2006. LNCS, vol. 3958. Springer (2006). See [32]