Analysis of Low Hamming Weight Products
نویسندگان
چکیده
Hoffstein and Silverman suggested a use of Low Hamming Weight Product (LHWP) to compute a random power in a group or a multiple of an element in a ring. It reduces the computation of powers in a group with fast endomorphisms such as the Galois field F2n and Koblitz elliptic curves. In this paper, we introduce a reduced representation of LHWP and apply them to attack the relevant cryptosystems.
منابع مشابه
Computation of Minimum Hamming Weight for Linear Codes
In this paper, we consider the minimum Hamming weight for linear codes over special finite quasi-Frobenius rings. Furthermore, we obtain minimal free $R$-submodules of a finite quasi-Frobenius ring $R$ which contain a linear code and derive the relation between their minimum Hamming weights. Finally, we suggest an algorithm that computes this weight using the Grobner basis and we show that und...
متن کاملA New Baby-Step Giant-Step Algorithm and Some Applications to Cryptanalysis
We describe a new variant of the well known Baby-Step Giant-Step algorithm in the case of some discrete logarithms with a special structure. More precisely, we focus on discrete logarithms equal to products in groups of unknown order. As an example of application, we show that this new algorithm enables to cryptanalyse a variant of the GPS scheme proposed by Girault and Lefranc at CHES 2004 con...
متن کاملRandom small Hamming weight products with applications to cryptography
There are many cryptographic constructions in which one uses a random power or multiple of an element in a group or a ring. We describe a fast method to compute random powers and multiples in certain important situations including powers in the Galois field F2n , multiples on Koblitz elliptic curves, and multiples in NTRU convolution polynomial rings. The underlying idea is to form a random exp...
متن کاملA Givens-Weight Representation for Rank Structured Matrices
In this paper we introduce a Givens-weight representation for rank structured matrices, where the rank structure is defined by certain low rank submatrices starting from the bottom left matrix corner. This representation will be compared to the (block) quasiseparable representations occurring in the literature. We will then provide some basic algorithms for the Givens-weight representation, in ...
متن کاملPublic Key Authentication with One (Online) Single Addition
We focus on the GPS identification scheme implementation in low cost chips, i.e not equipped with a microprocessor (such as those embedded in some prepaid telephone cards or RFID tags). We present three solutions to decrease the overall number of manipulated bits during the computation of the answer by a factor two or three. All the solutions stand in the use of low Hamming weight parameters. T...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Discrete Applied Mathematics
دوره 156 شماره
صفحات -
تاریخ انتشار 2008