椭圆曲线公钥体制的一些探讨

本文讨论了椭圆曲线公钥体制中的一些问题,并举出了几个有意义的例子。     

云计算在RSA密码体制分析中的应用

RSA是著名的公钥密码体制之一,其安全性是基于大整数因子分解困难性假设的,求解RSA问题的最直接方法是分解RSA的模数.由于云计算的大规模分布式计算能力,一些使用分布式计算模型MapReduce的大整数分解手段已经实现,针对大整数因子分解的问题,提出了给定范围内搜索因子的新方法,并对相应的实验数据和结果进行了分析.结果表明,在云中的分布式计算的运行时间远小于单台机器.     

RSA的非完全映射特征分析中概率模型的性质

本文给出了与随机选取置换有关的一类随机变量的方差和r阶矩,求得了这类随机变量的分布律,并证明了关于全向置换计数的猜想的一部分,对吕述望教授等的步的补充和完善.     

RSA公开密钥体制及其主要数学基础

在密码学发展的历史上,1976年是一个值得纪念的年份.这一年,美国斯坦福大学年轻的数学家狄菲(Diffie)和计算机专家海尔曼(Hellman)联名发表了<密码学的新方向>一文,开创了现代密码学的新领域--公开密钥体制(简称公钥体制).     

有限自动机公钥密码体制的密码分析

提出一种针对有限自动机公钥密码系统的攻击算法,它可在多项式时间内破译有限自动机公钥密码方案FAPKCO.这一算法的基本思想,原则上也可用来攻击其他有限自动机公钥密码方案,因而在设计新的有限自动机公钥密码系统时,必须讨论它是否经得住这种方法的攻击.     

一种民间游戏的数学模型

针对一民间游戏建立了相应的数学模型,给出了一般算法,讨论了相关性质和应用前景,设计了一个应用实例.     

基于Rabin算法的超递增背包公钥密码体制的研究与改进

超递增背包公钥密码体制是基于超递增背包问题的密码体制,它使得加密解密的过程变得相对简单.但是,由于该体制本身存在一定的弱点,不少国内外学者都提出了破解方案.在超递增背包公钥的基础上,结合了Rabin算法,使得原先的密码体制变得更为灵活.改进后的算法不但在性能上保持了高效率,而且将原先的密钥变为公钥,可以根据用户需求动态地改变公钥,实现安全性的成倍提高.     

基于单模数线性同余方程组设计的公钥密码体系

本文基于MH-KPKC体系和HILL密码体系的构建思想,提出了基于单模数线性同余方程组设计的公钥密码体系.该体制无需利用超递增序列和贪心算法恢复明文.算例说明了该体制的可行性。     

整环Z[ω]中的RSA

利用模元素n在整环Z[ω]中的相伴元将复平面分为六部分,并指定其中一部分为消息的有效域,将RSA密码体制及其数字签名方案推广到了Z[ω]中,并给出了一个实例.在安全性方面,所提出的推广体制比原RSA体制具有一定的优势.     

一种计算心肌梗塞面积的数学模型

本讨论了用数学建模的方法计算心肌梗塞面积，是数学应用于医学的又一成功的实例。该方法是：在急性心肌梗塞初期，由电体表面电位分布状态得出心脏的局部电现象，建立数学模型，编写计算机程序实现梗塞面积的计算。     

关于RSA的k阶不动点

本文研究了RSA密码系统一个初步的动力分析.利用M(o)bius反转公式,我们给出了RSA密码系统的k阶不动点的数目公式,从而解决了文献[8,9]中的问题.     

On the Number of Sparse RSA Exponents

An RSA modulus is a product M=pl of two primes p and l. We show that for almost all RSA moduli M, the number of sparse exponents e (which allow for fast RSA encryption) with the property that gcd(e,?(M))=1 (hence RSA decryption can also be performed) is very close to the expected value.     

An approximate expression related with RSA fixed points

Let T=T(n,e,a)be the number of fixed points of RSA(n,e)that are co-prime with n=pq,and A,B be sets of prime numbers in (1,x)and(1,y) respectively.An estimation on the mean-value M(A,B,e,a)=1/(#A)(#B)∑p∈A,q∈B,(p.q)=1 logT(pq,e,a)is given.     

On the Use of RSA as a Secret Key Cryptosystem

One fundamental difference between the use of symmetric and publickey cryptosystems is that the former requires trust between sender and receiver. Typically they will share a secret key and neitherhas any protection from the other. However, many users are nowfinding that they want keys to be used for 'one purpose only'and are relying on hardware functionality to introduce the conceptof unidirectional keys for symmetric algorithms. (So, for instance,the hardware functionality might ensure that a key used for encryptingmessages from user A to user B cannot be used for encrypting messages in the opposite direction.) For public key systems this concept of unidirectional keys is automatically satisfied. However,when the encrypting key is made public, the exposure of this key means that the deciphering key is only safe from compromise when the keys are very large. If, on the other hand, both keys were kept secret then it might be possible to use much smallerkeys. In this paper we investigate ways of using the primitives of an RSA public key cryptosystem in a symmetric key 'setting'i.e. where neither key is made public.     

Index Calculation Attacks on RSA Signature and Encryption

At Crypto ’85, Desmedt and Odlyzko described a chosen-ciphertext attack against plain RSA encryption. The technique can also be applied to RSA signatures and enables an existential forgery under a chosen-message attack. The potential of this attack remained untapped until a twitch in the technique made it effective against two very popular RSA signature standards, namely iso/iec 9796-1 and iso/iec 9796-2. Following these attacks, iso/iec 9796-1 was withdrawn and ISO/IEC 9796-2 amended. In this paper, we explain in detail Desmedt and Odlyzko’s attack as well as its application to the cryptanalysis of iso/iec 9796-2. AMS Classification: 11T71, 14G50, 94A60     

On the uniformity of distribution of the RSA pairs

Let be a product of two distinct primes and . We show that for almost all exponents with the RSA pairs are uniformly distributed modulo when runs through

the group of units modulo (that is, as in the classical RSA scheme);

the set of -products , , where are selected at random (that is, as in the recently introduced RSA scheme with precomputation).

These results are based on some new bounds of exponential sums.

     

On RSA Moduli with Prescribed Bit Patterns

We give a polynomial time probabilistic algorithm that constructs an RSA modulus M=pl, where p and l are two n-bit primes, which has about n/2 bits, on certain positions, prescribed in advance. Although the number of prescribed bits is less than in other constructions, this algorithm can be rigorously analyzed while the other approaches remain heuristic. The proof is based on bounds of exponential sums. We also show that this algorithm can be used for finding 2n-bit RSA moduli whose binary expansions are of Hamming weight about 3n/4. Finally, similar arguments are also applied to smooth integers.     

On RSA moduli with almost half of the bits prescribed

We show that using character sum estimates due to H. Iwaniec leads to an improvement of recent results about the distribution and finding RSA moduli M=pl, where p and l are primes, with prescribed bit patterns. We are now able to specify about n bits instead of about n/2 bits as in the previous work. We also show that the same result of H. Iwaniec can be used to obtain an unconditional version of a combinatorial result of W. de Launey and D. Gordon that was originally derived under the Extended Riemann Hypothesis.