Paper 2003/049

Hidden Number Problem in Small Subgroups

Igor Shparlinski and Arne Winterhof

Abstract

Boneh and Venkatesan have proposed a polynomial time algorithm for recovering a "hidden" element $\alpha \in \F_p$, where $p$ is prime, from rather short strings of the most significant bits of the residue of $\alpha t$ modulo $p$ for several randomly chosen $t\in \F_p$. Gonzälez Vasco and the first author have recently extended this result to subgroups of $\F_p^*$ of order at least $p^{1/3+\varepsilon}$ for all $p$ and to subgroups of order at least $p^\varepsilon$ for almost all $p$. Here we introduce a new modification in the scheme which amplifies the uniformity of distribution of the `multipliers' $t$ and thus extend this result to subgroups of order at least $(\log p)/(\log \log p)^{1-\varepsilon}$ for all primes $p$. As in the above works, we give applications of our result to the bit security of the Diffie--Hellman secret key starting with subgroups of very small size, thus including all cryptographically interesting subgroups.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
Hidden number problemExponential sumsDiffie-Hellman scheme
Contact author(s)
igor @ comp mq edu au
History
2003-03-13: received
Short URL
https://ia.cr/2003/049
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2003/049,
      author = {Igor  Shparlinski and Arne Winterhof},
      title = {Hidden Number Problem in Small  Subgroups},
      howpublished = {Cryptology {ePrint} Archive, Paper 2003/049},
      year = {2003},
      url = {https://eprint.iacr.org/2003/049}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.