Óscar García-Morchón, R. Rietman, L. Tolhuizen, Domingo Gómez-Pérez, J. Gutierrez
The MMO problem
International Symposium on Symbolic and Algebraic Computation, published 2014-01-29
DOI: 10.1145/2608628.2608643 (https://doi.org/10.1145/2608628.2608643)
Citations: 10
Abstract
We consider a two polynomials analogue of the polynomial interpolation problem. Namely, we consider the Mixing Modular Operations (MMO) problem of recovering two polynomials f ∈ Z_p[x] and g ∈ Z_q[x] of known degree, where p and q are two (un)known positive integers, from the values of f(t) mod p + g(t) mod q at polynomially many points t ∈ Z. We show that if p and q are known, the MMO problem can be reduced to computing a close vector in a lattice with respect to the infinity norm. Using the Gaussian heuristic we also implemented in the SAGE system a polynomial-time algorithm. If p and q are kept secret, we do not know how to solve this problem. This problem is motivated by several potential cryptographic applications.