Bivariate Polynomials Modulo Composites and their Applications

@article{Boneh2014BivariatePM,
  title={Bivariate Polynomials Modulo Composites and their Applications},
  author={Dan Boneh and Henry Corrigan-Gibbs},
  journal={IACR Cryptol. ePrint Arch.},
  year={2014},
  volume={2014},
  pages={719}
}
We investigate the hardness of finding solutions to bivariate polynomial congruences modulo RSA composites. We establish necessary conditions for a bivariate polynomial to be one-way, second preimage resistant, and collision resistant based on arithmetic properties of the polynomial. From these conditions we deduce a new computational assumption that implies an efficient algebraic collision-resistant hash function. We explore the assumption and relate it to known computational problems. The… 
Zero-Knowledge Arguments for Lattice-Based Accumulators: Logarithmic-Size Ring Signatures and Group Signatures Without Trapdoors
TLDR
This paper provides an efficient method of proving statements using involved extensions of Stern's protocol to efficiently prove the membership of some element in a zero-knowledge manner, and describes new lattice-based group and ring signatures in the random oracle model.
Bivariate polynomial injections and elliptic curves
For every number field k, we construct an affine algebraic surface X over k with a Zariski dense set of k-rational points, and a regular function f on X inducing an injective map $$X(k)\rightarrow
Partial Bits Exposure Attacks on a New Commitment Scheme Based on the Zagier Polynomial
TLDR
Several types of partial bits exposure attacks on a new statistically hiding and computationally binding commitment scheme based on the collision-resistant property of the Zagier polynomial are described.
Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials
TLDR
The ABC system is the first credential system whose bandwidth required for credential showing is independent of the number of its attributes, i.e., constant-size, and strengthened game-based security definitions for ABC are proposed and proved.
Functional Commitment Schemes: From Polynomial Commitments to Pairing-Based Accumulators from Simple Assumptions
TLDR
A construction of functional commitment for linear functions based on constant-size assumptions in composite order groups endowed with a bilinear map is proposed, which leads to the first pairing-based polynomial commitments and accumulators for large universes known to achieve security under simple assumptions.
Revisiting Cryptographic Accumulators, Additional Properties and Relations to other Primitives
TLDR
This paper presents a unifying model capturing all existing features of cryptographic accumulators and shows how this model can turn out to be valuable as it allows accumulators to be used in a black-box fashion.
Commitment Schemes and Diophantine Equations
TLDR
This work looks for diophantine equations that are hard to solve but for which determining the number of solutions is easy.
Cryptanalysis of Au et al. Dynamic Universal Accumulator
TLDR
This paper cryptanalyses the two accumulator variants proposed by Au et al. and shows that if nonmembership witnesses are issued according to the α-based construction, colluding users can efficiently discover the secret accumulator parameter α and take over the Accumulator Manager.
Chameleon accumulator and its applications
Dynamic Universal Accumulator with Batch Update over Bilinear Groups
TLDR
The proposed scheme is suitable as an efficient and scalable Anonymous Credential System, accessible even by low-resource users, and shows security of the proposed protocol in the Generic Group Model under a (new) generalized version of the t-SDH assumption.

References

The Application of Claw Free Functions in Cryptography: - Unconditional Protection in Cryptographic Protocols
TLDR
This thesis shows how to solve the famous multiparty computation problem, while achieving unconditional privacy protection for one participant, which is the optimal result in the model of communication.
Public Key Encryption and Signature Schemes Based on Polynomials over Zn
TLDR
A public key encryption scheme where the message blocks are encrypted as roots of a polynomial over Zn and a signature scheme where a short signature can be generated for a long message without using a hash function.
Secure Hash-and-Sign Signatures Without the Random Oracle
TLDR
A new signature scheme is presented which is existentially unforgeable under chosen message attacks, assuming some variant of the RSA conjecture, and is unique in that the assumptions made on the cryptographic hash function in use are well defined and reasonable.
Secure Accumulators from Euclidean Rings without Trusted Setup
  • H. Lipmaa
  • Mathematics, Computer Science
    ACNS
  • 2012
TLDR
A new instantiation of the root accumulator is proposed, based on class groups of imaginary quadratic order, that has short (non)membership proofs like the RSA accumulator, and at the same time it is secure against a malicious certificate authority.
On Cryptographic Assumptions and Challenges
  • M. Naor
  • Computer Science, Mathematics
    CRYPTO
  • 2003
TLDR
This work proposes several open problems regarding cryptographic tasks that currently do not have a good challenge of that sort by creating a challenge to their validity by classifying computational assumptions based on the complexity of falsifying them.
An efficient solution of the congruence $x^2+ky^2=m \pmod{n}$
TLDR
A solution can easily be found if k and m are relatively prime to n and under the assumption of the generalized Riemann hypothesis, a solution can be found by a probabilistic algorithm in $O((\log n)^{2}|\log\log|k||)$ arithmetical steps on $O(\log n)$-bit integers.
Short Pairing-Based Non-interactive Zero-Knowledge Arguments
  • Jens Groth
  • Mathematics, Computer Science
    ASIACRYPT
  • 2010
TLDR
This work constructs non-interactive zero-knowledge arguments for circuit satisfiability with perfect completeness, perfect zero-knowledge and computational soundness and security is based on two new cryptographic assumptions.
Hash Functions from Sigma Protocols and Improvements to VSH
TLDR
This work obtains, via a modified version of the Fiat-Shamir protocol, the fastest known hash function that is provably collision-resistant based on the standard factoring assumption and provides a modified VSH* of VSH which is faster when hashing short messages.
A Design Principle for Hash Functions
TLDR
Apart from suggesting a generally sound design principle for hash functions, the results give a unified view of several apparently unrelated constructions of hash functions proposed earlier, and suggests changes to other proposed constructions to make a proof of security potentially easier.
Some remarks on the abc-conjecture
Let r(x) be the product of all distinct primes dividing a nonzero integer x. The abc-conjecture says that if a, b, c are nonzero relatively prime integers such that a + b + c = 0, then the biggest