Efficient pseudorandom generators based on the DDH assumption

Reza Rezaeian Farashahi*, Berry Schoenmakers, Andrey Sidorenko

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

32 Citations (Scopus)

Abstract

A family of pseudorandom generators based on the decisional Diffie-Hellman assumption is proposed. The new construction is a modified and generalized version of the Dual Elliptic Curve generator proposed by Barker and Kelsey. Although the original Dual Elliptic Curve generator is shown to be insecure, the modified version is provably secure and very efficient in comparison with the other pseudorandom generators based on discrete log assumptions. Our generator can be based on any group of prime order provided that an additional requirement is met (i.e., there exists an efficiently computable function that in some sense enumerates the elements of the group). Two specific instances are presented. The techniques used to design the instances, for example, the new probabilistic randomness extractor are of independent interest for other applications.

Original languageEnglish
Title of host publicationPublic Key Cryptography - PKC 2007 - 10th International Conference on Practice and Theory in Public-Key Cryptography, Proceedings
EditorsTatsuaki Okamoto, Xiaoyun Wang
Pages426-441
Number of pages16
Volume4450 LNCS
Publication statusPublished - 2007
Event10th International Conference on Theory and Practice in Public-Key Cryptography, PKC 2007 - Beijing, China
Duration: 16 Apr 200720 Apr 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4450 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other10th International Conference on Theory and Practice in Public-Key Cryptography, PKC 2007
CountryChina
CityBeijing
Period16/04/0720/04/07

Fingerprint Dive into the research topics of 'Efficient pseudorandom generators based on the DDH assumption'. Together they form a unique fingerprint.

Cite this