Cryptanalysis in Prime Order Subgroups of Z*n
Abstract
Many cryptographic protocols and cryptosystems have been proposed to make use of prime order subgroups of $\mathbb{Z}_n^*$ where $n$ is the product of two large distinct primes. In this paper we analyze a number of such schemes. While these schemes were proposed to utilize the difficulty of factoring large integers or that of finding related hidden information (e.g., the order of the group $\mathbb{Z}_n^*$), our analyses reveal much easier problems as their real security bases. We itemize three classes of security failures and formulate a simple algorithm for factoring $n$ with a disclosed non-trivial factor of $\phi(n)$, where the disclosure is for making use of a prime order subgroup in $\mathbb{Z}_n^*$. The time complexity of our algorithm is $O(n^{1/4}/f)$ where $f$ is a disclosed subgroup order. To factor such $n$ of length up to 800 bits with the subgroup having a secure size against computing discrete logarithm, the new algorithm will have a feasible running time on use of a trivial size of storage.
Similar resources
Cryptanalysis in Prime Order Subgroups of Z*n
Many cryptographic protocols and cryptosystems have been proposed to make use of prime order subgroups of $\mathbb{Z}_n^*$ where $n$ is the product of two large distinct primes. In this paper we analyse a number of such schemes. While these schemes were proposed to utilise the difficulty of factoring large integers or that of finding a trapdoor in $\mathbb{Z}_n^*$ (for instance, the order of an RSA group), our analyses show m...
New characterization of some linear groups
There are a few finite groups that are determined up to isomorphism solely by their order, such as $\mathbb{Z}_{2}$ or $\mathbb{Z}_{15}$. Still other finite groups are determined by their order together with other data, such as the number of elements of each order, the structure of the prime graph, the number of order components, the number of Sylow $p$-subgroups for each prime $p$, etc. In this...
Finite groups with $X$-quasipermutable subgroups of prime power order
Let $H$, $L$ and $X$ be subgroups of a finite group $G$. Then $H$ is said to be $X$-permutable with $L$ if for some $x\in X$ we have $AL^{x}=L^{x}A$. We say that $H$ is $X$-quasipermutable ($X_{S}$-quasipermutable, respectively) in $G$ provided $G$ has a subgroup $B$ such that $G=N_{G}(H)B$ and $H$ $X$-permutes with $B$ and with all subgroups (with all Sylow subgroups, respectively) $...
COUNTING DISTINCT FUZZY SUBGROUPS OF SOME RANK-3 ABELIAN GROUPS
In this paper we classify fuzzy subgroups of a rank-3 abelian group $G = \mathbb{Z}_{p^n} + \mathbb{Z}_p + \mathbb{Z}_p$ for any fixed prime $p$ and any positive integer $n$, using a natural equivalence relation given in \cite{mur:01}. We present and prove explicit polynomial formulae for the number of (i) subgroups, (ii) maximal chains of subgroups, (iii) distinct fuzzy subgroups, (iv) non-isomorp...
Structure of finite wavelet frames over prime fields
This article presents a systematic study of the structure of finite wavelet frames over prime fields. Let $p$ be a positive prime integer and $\mathbb{W}_p$ be the finite wavelet group over the prime field $\mathbb{Z}_p$. We study theoretical frame aspects of finite wavelet systems generated by subgroups of the finite wavelet group $\mathbb{W}_p$.
Publication date: 1998