Security of polynomial transformations of the Diffie-Hellman key

Igor E. Shparlinski*

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

6 Citations (Scopus)


Boneh and Venkatesan have recently proposed an approach to proving that a reasonably small portion of the most significant bits of the Diffie-Hellman key modulo a prime is as secure as the whole key. Some further improvements and generalizations have been obtained by Gonzales Vasco and Shparlinski. Verheul has obtained certain analogues of these results in the case of Diffie-Hellman keys in extensions of finite fields, when an oracle is given to compute a certain polynomial function of the key, for example, the trace in the background field. Here we obtain a new result in this direction concerning the case of so-called "unreliable" oracles. The result has applications to the security of the XTR cryptosystem recently proposed by Lenstra and Verheul.

Original language: English
Pages (from-to): 123-131
Number of pages: 9
Journal: Finite Fields and their Applications
Issue number: 1
Publication status: Published - Jan 2004

