Abstract
This work extends the line of research on the hidden number problem. Motivated by studying bit security in finite fields, we define the multivariate hidden number problem. Here, the secret and the multiplier are vectors, and partial information about their dot product is given. Using tools from discrete Fourier analysis introduced by Akavia, Goldwasser and Safra, we show that if one can find the significant Fourier coefficients of some function, then one can solve the multivariate hidden number problem for that function. This allows us to generalise the work of Akavia on the hidden number problem with (non-adaptive) chosen multipliers to all finite fields.
We give two further applications of our results, both of which generalise previous works to all (finite) extension fields. The first considers the general (random samples) hidden number problem in \(\mathbb{F}_{p^m}\) and assumes that advice is given to the algorithm. The second considers a model that allows changing representations, where we show hardness of individual bits for elliptic-curve and pairing-based functions for elliptic curves over extension fields, as well as hardness of any bit of any component of the Diffie-Hellman secret in \(\mathbb{F}_{p^m}\) (\(m>1\)).
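As an added illustration of the problem defined above (this is not code from the paper), the block below instantiates a toy multivariate hidden number problem over a small prime field: the secret and the multipliers are vectors in \(\mathbb{F}_p^m\), and the only information leaked about each dot product is its most significant bit. The choice of the most significant bit as the "partial information", the parameters p, m, the sample count and the seed are all constructed assumptions, and the brute-force solver is there only to show that enough one-bit samples pin down the secret vector; it is not the Fourier-analytic method of the paper.

```python
"""Toy instance of the multivariate hidden number problem (MVHNP).

Constructed example: the leaked partial information is assumed to be the
most significant bit of <s, x> mod p; p, m, n and the seed are illustrative.
"""
import itertools
import random


def dot_mod(s, x, p):
    """Dot product of two equal-length vectors over F_p."""
    return sum(a * b for a, b in zip(s, x)) % p


def msb(v, p):
    """Most significant bit of v in [0, p): 1 iff v lies in the upper half."""
    return 1 if 2 * v >= p else 0


def oracle_samples(secret, p, n, rng):
    """Return n pairs (multiplier, msb(<secret, multiplier>)) with random
    (non-adaptive) multiplier vectors drawn uniformly from F_p^m."""
    m = len(secret)
    samples = []
    for _ in range(n):
        x = tuple(rng.randrange(p) for _ in range(m))
        samples.append((x, msb(dot_mod(secret, x, p), p)))
    return samples


def brute_force_solve(samples, p, m):
    """All candidate secrets in F_p^m consistent with every sample.
    Only feasible for tiny p^m; it demonstrates that the samples determine
    the secret, not how to recover it efficiently."""
    return [s for s in itertools.product(range(p), repeat=m)
            if all(msb(dot_mod(s, x, p), p) == b for x, b in samples)]


def demo(p=17, m=2, n=60, seed=1):
    """Draw a random secret vector, query the one-bit oracle n times and
    return (secret, candidates); with these sizes candidates == [secret]."""
    rng = random.Random(seed)
    secret = tuple(rng.randrange(p) for _ in range(m))
    samples = oracle_samples(secret, p, n, rng)
    return secret, brute_force_solve(samples, p, m)


if __name__ == "__main__":
    s, cands = demo()
    print("secret:", s, "consistent candidates:", cands)
```

A wrong candidate agrees with a random multiplier on the leaked bit only about half the time, so each extra sample roughly halves the surviving candidates; this is the information-theoretic view that the paper's Fourier-based algorithm turns into an efficient recovery.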
References
Akavia, A.: Learning Noisy Characters, Multiplication Codes and Hardcore Predicates. Ph.D. Thesis, Massachusetts Institute of Technology (2008)
Akavia, A.: Solving Hidden Number Problem with One Bit Oracle and Advice. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 337–354. Springer, Heidelberg (2009)
Akavia, A., Goldwasser, S., Safra, S.: Proving Hard-Core Predicates Using List Decoding. In: FOCS 2003, pp. 146–157. IEEE Computer Society, Washington (2003)
Alexi, W., Chor, B., Goldreich, O., Schnorr, C.P.: RSA and Rabin Functions: Certain Parts are as Hard as the Whole. SIAM Journal on Computing 17(2), 194–209 (1988)
Ben-Or, M., Chor, B., Shamir, A.: On the Cryptographic Security of Single RSA Bits. In: Johnson, D.S., Fagin, R., Fredman, M.L., Harel, D., Karp, R.M., Lynch, N.A., Papadimitriou, C.H., Rivest, R.L., Ruzzo, W.L., Seiferas, J.I. (eds.) STOC 1983, pp. 421–430. ACM, New York (1983)
Boneh, D., Shparlinski, I.E.: On the Unpredictability of Bits of the Elliptic Curve Diffie–Hellman Scheme. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 201–212. Springer, Heidelberg (2001)
Boneh, D., Venkatesan, R.: Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129–142. Springer, Heidelberg (1996)
Boneh, D., Venkatesan, R.: Rounding in Lattices and its Cryptographic Applications. In: Saks, M.E. (ed.) SODA 1997, pp. 675–681. ACM/SIAM, Philadelphia (1997)
Duc, A., Jetchev, D.: Hardness of Computing Individual Bits for One-Way Functions on Elliptic Curves. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 832–849. Springer, Heidelberg (2012)
De Mulder, E., Hutter, M., Marson, M.E., Pearson, P.: Using Bleichenbacher's Solution to the Hidden Number Problem to Attack Nonce Leaks in 384-Bit ECDSA. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 435–452. Springer, Heidelberg (2013)
Verheul, E.R.: Certificates of Recoverability with Scalable Recovery Agent Security. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 258–275. Springer, Heidelberg (2000)
Fazio, N., Gennaro, R., Perera, I.M., Skeith III, W.E.: Hard-Core Predicates for a Diffie-Hellman Problem over Finite Fields. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 148–165. Springer, Heidelberg (2013)
Goldreich, O., Levin, L.A.: A Hard-Core Predicate for all One-Way Functions. In: Johnson, D.S. (ed.) STOC 1989, pp. 25–32. ACM, New York (1989)
Aranha, D.F., Fouque, P.-A., Gérard, B., Kammerer, J.-G., Tibouchi, M., Zapalowicz, J.-C.: GLV/GLS Decomposition, Power Analysis, and Attacks on ECDSA Signatures with Single-Bit Nonce Bias. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 262–281. Springer, Heidelberg (2014)
Kushilevitz, E., Mansour, Y.: Learning Decision Trees Using the Fourier Spectrum. In: Koutsougeras, C., Vitter, J.S. (eds.) STOC 1991, pp. 455–464. ACM, New York (1991)
Morillo, P., Ràfols, C.: The Security of All Bits Using List Decoding. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 15–33. Springer, Heidelberg (2009)
Mansour, Y.: Learning Boolean Functions via the Fourier Transform. In: Roychowdhury, V., Siu, K.Y., Orlitsky, A. (eds.) Theoretical Advances in Neural Computation and Learning, pp. 391–424. Kluwer Academic Publishers (1994)
Shparlinski, I.: Playing “Hide-and-Seek” in Finite Fields: Hidden Number Problem and its Applications. In: Proceedings of the Seventh Spanish Meeting on Cryptology and Information Security, vol. 1, pp. 49–72. University of Oviedo (2002)
Shparlinski, I.E., Winterhof, A.: A Nonuniform Algorithm for the Hidden Number Problem in Subgroups. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 416–424. Springer, Heidelberg (2004)
Wang, M., Zhan, T., Zhang, H.: Bits Security of the CDH Problems over Finite Fields. Cryptology ePrint Archive, Report 2014/685 (2014), http://eprint.iacr.org/2014/685
© 2015 Springer International Publishing Switzerland
Cite this paper
Galbraith, S.D., Shani, B. (2015). The Multivariate Hidden Number Problem. In: Lehmann, A., Wolf, S. (eds) Information Theoretic Security. ICITS 2015. Lecture Notes in Computer Science(), vol 9063. Springer, Cham. https://doi.org/10.1007/978-3-319-17470-9_15
DOI: https://doi.org/10.1007/978-3-319-17470-9_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17469-3
Online ISBN: 978-3-319-17470-9