TY - GEN
T1 - A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption
AU - Hühnlein, Detlef
AU - Jacobson, Michael J.
AU - Paulus, Sachar
AU - Takagi, Tsuyoshi
N1 - Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 1998.
Copyright:
Copyright 2016 Elsevier B.V., All rights reserved.
PY - 1998
Y1 - 1998
N2 - We introduce a new cryptosystem with trapdoor decryption based on the difficulty of computing discrete logarithms in the class group of the nonmaximal imaginary quadratic order N Δq, where δq = δq2, δ square-free and q prime. The trapdoor information is the conductor q. Knowledge of this trapdoor information enables one to switch to and from the class group of the maximal order N Δ, where the representatives of the ideal classes have smaller coefficients. Thus, the decryption procedure may be performed in the class group of N Δ rather than in the class group of the public N Δq, which is much more efficient. We show that inverting our proposed cryptosystem is computationally equivalent to factoring the non-fundamental discriminant δq, which is intractable for a suitable choice of δ and q. We also describe how signature schemes in N Δq may be set up using this trapdoor information. Furthermore, we illustrate how one may embed key escrow capability into classical imaginary quadratic field cryptosystems.
AB - We introduce a new cryptosystem with trapdoor decryption based on the difficulty of computing discrete logarithms in the class group of the nonmaximal imaginary quadratic order N Δq, where δq = δq2, δ square-free and q prime. The trapdoor information is the conductor q. Knowledge of this trapdoor information enables one to switch to and from the class group of the maximal order N Δ, where the representatives of the ideal classes have smaller coefficients. Thus, the decryption procedure may be performed in the class group of N Δ rather than in the class group of the public N Δq, which is much more efficient. We show that inverting our proposed cryptosystem is computationally equivalent to factoring the non-fundamental discriminant δq, which is intractable for a suitable choice of δ and q. We also describe how signature schemes in N Δq may be set up using this trapdoor information. Furthermore, we illustrate how one may embed key escrow capability into classical imaginary quadratic field cryptosystems.
UR - http://www.scopus.com/inward/record.url?scp=84957614726&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84957614726&partnerID=8YFLogxK
U2 - 10.1007/BFb0054134
DO - 10.1007/BFb0054134
M3 - Conference contribution
AN - SCOPUS:84957614726
SN - 3540645187
SN - 9783540645184
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 294
EP - 307
BT - Advances in Cryptology — EUROCRYPT 1998, International Conference on the Theory and Application of Cryptographic Techniques, Proceedings
A2 - Nyberg, Kaisa
PB - Springer Verlag
T2 - International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 1998
Y2 - 31 May 1998 through 4 June 1998
ER -