Shparlinski
Thursday 25 January 2001, 14:30
(Department of Computing, Macquarie University, Sydney)
Bit security of Diffie-Hellman and other related schemes
Abstract:
I outline an approach proposed by Boneh and Venkatesan to proving
that the last $(\log p)^{1/2}$ bits of the Diffie-Hellman key
$g^{xy} \bmod p$ are as secure as the whole key.
Unfortunately, their paper has an error. I will show how to correct this
error and outline some other applications.
(Joint work with Isabel Gonzales Vasco.)
On the other hand, I will show that the same approach can be
used to design an attack on DSA and other similar signature
schemes.
(Joint work with Phong Nguyen.)
These results are based on lattice reduction techniques and,
surprisingly enough, on some new bounds of exponential sums.