The Discrete Log is Very Discreet


In this paper we consider the one-way function fg,N(X) = gX (modN) , where N is a Blum integer. We prove that under the commonly assumed intractabili ty of factoring Blum integers, almost all its bits are individually hard, and half of them are simultaneously hard. As a result, fg,N can be used in efficient pseudo-random bit generators and multi-bit… (More)
DOI: 10.1145/100216.100271