Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

A certain family of subgroups of ℤ𝑛 ⋆ is weakly pseudo-free under the general integer factoring intractability assumption

A certain family of subgroups of ℤ𝑛 ⋆ is weakly pseudo-free under the general integer factoring... AbstractLet 𝔾n{\mathbb{G}_{n}}be the subgroup of elements of odd order in the group ℤn⋆{\mathbb{Z}^{\star}_{n}}, and let 𝒰⁢(𝔾n){\mathcal{U}(\mathbb{G}_{n})}be the uniform probability distribution on 𝔾n{\mathbb{G}_{n}}.In this paper, we establish a probabilistic polynomial-time reduction from finding a nontrivial divisor of a composite number n to finding a nontrivial relation between l elements chosen independently and uniformly at random from 𝔾n{\mathbb{G}_{n}}, where l≥1{l\geq 1}is given in unary as a part of the input.Assume that finding a nontrivial divisor of a random number in some set N of composite numbers (for a given security parameter) is a computationally hard problem.Then, using the above-mentioned reduction, we prove that the family ((𝔾n,𝒰(𝔾n))∣n∈N){((\mathbb{G}_{n},\mathcal{U}(\mathbb{G}_{n}))\mid n\in N)}of computational abelian groups is weakly pseudo-free.The disadvantage of this result is that the probability ensemble (𝒰(𝔾n)∣n∈N){(\mathcal{U}(\mathbb{G}_{n})\mid n\in N)}is not polynomial-time samplable.To overcome this disadvantage, we construct a polynomial-time computable function ν:D→N{\nu\colon D\to N}(where D⊆{0,1}*{D\subseteq\{0,1\}^{*}}) and a polynomial-time samplable probability ensemble (𝒢d∣d∈D){(\mathcal{G}_{d}\mid d\in D)}(where 𝒢d{\mathcal{G}_{d}}is a distribution on 𝔾ν⁢(d){\mathbb{G}_{\nu(d)}}for each d∈D{d\in D}) such that the family ((𝔾ν⁢(d),𝒢d)∣d∈D){((\mathbb{G}_{\nu(d)},\mathcal{G}_{d})\mid d\in D)}of computational abelian groups is weakly pseudo-free. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Groups Complexity Cryptology de Gruyter

A certain family of subgroups of ℤ𝑛 ⋆ is weakly pseudo-free under the general integer factoring intractability assumption

Anokhin, Mikhail
Groups Complexity Cryptology , Volume 10 (2): 12 – Nov 1, 2018
Download PDF
12 pages

Loading next page...
 
/lp/de-gruyter/a-certain-family-of-subgroups-of-is-weakly-pseudo-free-under-the-XVNUboBxWG

References

References for this paper are not available at this time. We will be adding them shortly, thank you for your patience.

Publisher
de Gruyter
Copyright
© 2018 Walter de Gruyter GmbH, Berlin/Boston
ISSN
1869-6104
eISSN
1869-6104
DOI
10.1515/gcc-2018-0007
Publisher site
See Article on Publisher Site

Abstract

AbstractLet 𝔾n{\mathbb{G}_{n}}be the subgroup of elements of odd order in the group ℤn⋆{\mathbb{Z}^{\star}_{n}}, and let 𝒰⁢(𝔾n){\mathcal{U}(\mathbb{G}_{n})}be the uniform probability distribution on 𝔾n{\mathbb{G}_{n}}.In this paper, we establish a probabilistic polynomial-time reduction from finding a nontrivial divisor of a composite number n to finding a nontrivial relation between l elements chosen independently and uniformly at random from 𝔾n{\mathbb{G}_{n}}, where l≥1{l\geq 1}is given in unary as a part of the input.Assume that finding a nontrivial divisor of a random number in some set N of composite numbers (for a given security parameter) is a computationally hard problem.Then, using the above-mentioned reduction, we prove that the family ((𝔾n,𝒰(𝔾n))∣n∈N){((\mathbb{G}_{n},\mathcal{U}(\mathbb{G}_{n}))\mid n\in N)}of computational abelian groups is weakly pseudo-free.The disadvantage of this result is that the probability ensemble (𝒰(𝔾n)∣n∈N){(\mathcal{U}(\mathbb{G}_{n})\mid n\in N)}is not polynomial-time samplable.To overcome this disadvantage, we construct a polynomial-time computable function ν:D→N{\nu\colon D\to N}(where D⊆{0,1}*{D\subseteq\{0,1\}^{*}}) and a polynomial-time samplable probability ensemble (𝒢d∣d∈D){(\mathcal{G}_{d}\mid d\in D)}(where 𝒢d{\mathcal{G}_{d}}is a distribution on 𝔾ν⁢(d){\mathbb{G}_{\nu(d)}}for each d∈D{d\in D}) such that the family ((𝔾ν⁢(d),𝒢d)∣d∈D){((\mathbb{G}_{\nu(d)},\mathcal{G}_{d})\mid d\in D)}of computational abelian groups is weakly pseudo-free.

Journal

Groups Complexity Cryptologyde Gruyter

Published: Nov 1, 2018

References

  • Detecting perfect powers in essentially linear time