We generalize and extend results obtained by Boneh and Venkatesan in 1996 and by González Vasco and Shparlinski in 2000 on the hardness of computing bits of the Diffie-Hellman key, given the public values. Specifically, while these results could only exclude (essentially) error-free predictions, we here exclude any non-negligible advantage, though for larger fractions of the bits. We can also demonstrate a trade-off between the tolerated error rate and the number of unpredictable bits. Moreover, by changing computational model, we show that even a very small proportion of the most significant bits of the Diffie-Hellman secret key cannot be retrieved from the public information by means of a Las Vegas type algorithm, unless the corresponding scheme is weak itself. © International Association for Cryptologic Research 2004.
CITATION STYLE
Vasco, M. I. G., Näslund, M., & Shparlinski, I. E. (2004). New results on the hardness of diffie-hellman bits. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2947, 159–172. https://doi.org/10.1007/978-3-540-24632-9_12
Mendeley helps you to discover research relevant for your work.