Introduction to Public-Key Cryptography

R. Avanzi, T. Lange
DOI: 10.1201/9781420034981.ch1
Journal: Handbook of Elliptic and Hyperelliptic Curve Cryptography
Published: 2005-07-19
Citations: 31

Abstract

In this chapter we introduce the basic building blocks for cryptography based on the discrete logarithm problem, which constitute the main motivation for considering the groups studied in this book. We also briefly introduce the RSA cryptosystem, since it is still an important public-key cryptosystem in practice. Assume a situation where two people, called Alice and Bob in the sequel (the names have been used since the beginning of cryptography because they allow using the letters A and B as handy abbreviations), want to communicate via an insecure channel in a secure manner. In other words, an eavesdropper Eve (abbreviated as E) listening to the encrypted conversation should not be able to read the cleartext or change it. To achieve these aims one uses cryptographic primitives based on a problem that should be easy to set up by either Alice, or Bob, or by both, but impossible to solve for Eve. Loosely speaking, infeasibility means computational infeasibility for Eve if she does not have at least partial access to the secret information exploited by Alice and Bob to set up the problem. Examples of such primitives are RSA, cf. [PKCS], which could be broken if the integer factorization problem were easy, i.e., if one could find a nontrivial factor of a composite integer n, and the discrete logarithm problem, i.e., the problem of finding an integer k with [k]P = Q where P is a generator of a cyclic group (G, ⊕) and Q ∈ G. These primitives are reviewed in Sections 1.4.3 and 1.5. They are applied in a prescribed way given by protocols. We will only briefly state the necessary problems and hardness assumptions in Section 1.6 and not go into the details. Then we go briefly into issues of primality proving and integer factorization. The next section is devoted to discrete logarithm systems. This is the category of cryptographic primitives in which elliptic and hyperelliptic curves are applied. Finally, we consider protocols, i.e., algorithms using the cryptographic primitive to establish a common key, encrypt a message for a receiver, or sign electronically.
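The abstract describes the discrete logarithm problem ([k]P = Q in a cyclic group) and the protocols built on it, such as establishing a common key. The following Python program is an added illustration, not code from the chapter or the handbook. It instantiates the abstract's objects in the multiplicative group of integers modulo a constructed prime (P = 1019, with generator G = 2; both are assumptions chosen small enough for the brute-force part to run), writes the group law and the scalar multiplication [k]P, checks that P really generates the group, runs a Diffie-Hellman-style key agreement between Alice and Bob, and then plays Eve: a baby-step giant-step solver recovers k from [k]P in about sqrt(p) operations, which is exactly why real deployments use groups of order around 2^256, where sqrt(n) work is infeasible.

```python
"""Toy discrete-logarithm system in (Z/pZ)^*.

Added example, not the chapter's code. The prime and generator below are
constructed for demonstration and are far too small for any real use.
"""
import math
import secrets

# Constructed toy parameters (assumptions): 1019 is a safe prime (1018 = 2 * 509)
# and 2 generates the whole group (Z/1019Z)^*; is_generator() checks the latter.
P = 1019
G = 2
PRIME_FACTORS_OF_ORDER = (2, 509)   # prime factors of p - 1 for the constructed P


def group_op(a, b, p=P):
    """The group law: multiplication modulo p (the abstract's group operation written multiplicatively)."""
    return (a * b) % p


def scalar_mul(k, base, p=P):
    """[k]P in the abstract's notation: apply the group law k times, by square-and-multiply."""
    result, acc = 1, base % p
    while k:
        if k & 1:
            result = group_op(result, acc, p)
        acc = group_op(acc, acc, p)
        k >>= 1
    return result


def is_generator(g, p=P, factors=PRIME_FACTORS_OF_ORDER):
    """g generates (Z/pZ)^* iff g^((p-1)/q) != 1 for every prime q dividing p - 1."""
    return all(scalar_mul((p - 1) // q, g, p) != 1 for q in factors)


def keygen(p=P, g=G):
    """Alice or Bob: pick a secret k in 1..p-2 and publish Q = [k]P. Only Q crosses the channel."""
    k = secrets.randbelow(p - 2) + 1
    return k, scalar_mul(k, g, p)


def shared_key(my_secret, their_public, p=P):
    """Common key: [a]([b]P) = [b]([a]P), so both sides compute the same group element."""
    return scalar_mul(my_secret, their_public, p)


def discrete_log(target, base=G, p=P, order=None):
    """Eve's problem: find k with [k]P = Q, by baby-step giant-step.

    Costs O(sqrt(n)) group operations and memory, n the group order.
    Feasible here only because p is tiny; returns the smallest such k, or None.
    """
    n = order if order is not None else p - 1
    m = math.isqrt(n) + 1
    baby = {}                        # base^j -> j for j in 0..m-1
    cur = 1
    for j in range(m):
        baby.setdefault(cur, j)
        cur = group_op(cur, base, p)
    giant_step = pow(scalar_mul(m, base, p), -1, p)   # base^(-m)
    gamma = target % p
    for i in range(m):               # gamma = target * base^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = group_op(gamma, giant_step, p)
    return None


def demo():
    """Run one key agreement and then let Eve recover Alice's secret from her public value."""
    assert is_generator(G)
    a, A = keygen()                  # Alice
    b, B = keygen()                  # Bob
    k_alice = shared_key(a, B)
    k_bob = shared_key(b, A)
    recovered = discrete_log(A)      # Eve sees only A = [a]P on the wire
    return {"keys_match": k_alice == k_bob, "eve_recovers_a": recovered == a}


if __name__ == "__main__":
    print(demo())
```

With a 10-bit modulus Eve needs about 32 baby steps and 32 giant steps; the same algorithm against a 256-bit prime-order group would need roughly 2^128 steps, which is the hardness assumption the abstract refers to.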