ISSN:
1573-7586
Schlagwort(e):
Blum
;
Blum and Shub pseudo-random generator
;
RSA
;
iterated encryption
Quelle:
Springer Online Journal Archives 1860-2000
Thema:
Informatik
,
Mathematik
Notizen:
Abstract Let N and α be integers larger than 1. Define an orbit to be the collection of residues in $$Z_N^* $$ generated byiteratively applying $$x \to x^\alpha $$ mod N to an element $$x \in Z_N^* $$ which eventually maps back to itself.An orbit's length is the number of distinct residues in the orbit. When N isa large bicomposite integer, such as is commonly used in many cryptographicapplications, and when certain prime factorizations related to N are known,all orbit lengths and the number of orbits of each possible length can beefficiently computed using the results presented. If the required integerfactorizations are only partially known, the risk that a randomly selectedperiodic element might produce an orbit shorter than some (typically large)divisor of $$\phi (\phi (N))$$ can be bounded. The information needed to producesuch a bound is fully available when the prime factors of N are generatedusing the prime generation algorithm defined in Maurer maur. Resultspresented can assist in choosing wisely a modulus N for the Blum, Blum, andShub pseudo-random bit generator. If N is a bicomposite RSA modulus, theanalysis shows how to quantify the risk posed by an iterated encryptionattack.
Materialart:
Digitale Medien
URL:
http://dx.doi.org/10.1023/A:1008289605486
Permalink