Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
EUROCRYPT
2004
Springer
2004
Springer
Secure Hashed Diffie-Hellman over Non-DDH Groups
We show that in applications that use the Diffie-Hellman (DH) transform but take care of hashing the DH output (as required, for example, for secure DH-based encryption and key exchange) the usual requirement to work over a DDH group, i.e., a group in which the Decisional Diffie-Hellman assumption holds, can be relaxed to only requiring that the DH group contains a large enough DDH subgroup. In particular, this implies the security of (hashed) Diffie-Hellman over non-prime order groups such as Z p . Moreover, our results indicate that one can work directly over Z p without requiring any knowledge of the prime factorization of p-1 and without even having to find a generator of Z p . These results are obtained via a general characterization of DDH groups in terms of their DDH subgroups, and a relaxation (called t-DDH) of the DDH assumption via computational entropy. We also show that, under the short-exponent discretelog assumption, the security of the hashed Diffie-Hellman transform is...
Real-time TrafficRelated Content
| Added | 20 Aug 2010 |
| Updated | 20 Aug 2010 |
| Type | Conference |
| Year | 2004 |
| Where | EUROCRYPT |
| Authors | Rosario Gennaro, Hugo Krawczyk, Tal Rabin |
Comments (0)
Researcher Info
|
