An alternative technique for finding small roots of univaxiate modular equations is described. This approach is then compared with that taken in (Coppersmith, 1996), which links the concept of theâ€¦ (More)

We show that recent results of Coppersmith, Boneh, Durfee and Howgrave-Graham actually apply in the more general setting of (partially) approximate common divisors. This leads us to consider theâ€¦ (More)

We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, mi, under the assumption that a proportion of the bits of each of the associated ephemeral keys,â€¦ (More)

In this paper, we study the complexity of solving hard knapsack problems, i.e., knapsacks with a density close to 1 where latticebased low density attacks are not an option. For such knapsacks, theâ€¦ (More)

We re-examine Paillier's cryptosystem, and show that by choosing a particular discrete log base g, and by introducing an alternative decryption procedure, we can extend the scheme to allow anâ€¦ (More)

We study a class of problems called Modular Inverse Hidden Number Problems (MIHNPs). The basic problem in this class is the following: Given many pairs ã€ˆ xi, msbk ( (Î±+ xi) âˆ’1 mod p )ã€‰ for random xiâ€¦ (More)

To date the NTRUEncrypt security parameters have been based on the existence of two types of attack: a meet-in-the-middle attack due to Odlyzko, and a conservative extrapolation of the running timesâ€¦ (More)

2007 IEEE International Symposium on Informationâ€¦

2007

The use of Lenstra-Lenstra-Lovasz (LLL) lattice reduction significantly improves the performance of zero-forcing (ZF) and successive interference cancellation (SIC) decoders in multi-inputâ€¦ (More)