THE CRYPTOGRAPHIC SECURITY OF TRUNCATED LINEARLY RELATED VARIABLES.

31 citations of this article; 16 readers (Mendeley users who have this article in their library).

Abstract

In this paper we describe a polynomial time algorithm for computing the values of variables x_1, ..., x_k when some of their bits and some linear relationships between them are known. The algorithm is essentially optimal in its use of information in the sense that it can be applied as soon as the values of the x_i become uniquely determined by the constraints. Its cryptanalytic significance is demonstrated by two applications: breaking linear congruential generators whose outputs are truncated, and breaking Blum's protocol for exchanging secrets.
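The first application in the abstract, recovering the full state of a linear congruential generator from truncated outputs, is small enough to carry through end to end. The block below is an added example and not code from the paper; it uses the lattice-reduction formulation of the attack (short integer vectors u with u . (1, a, a^2, ...) = 0 mod m turn the congruences into equations on the unknown low bits that hold over the integers) rather than the paper's own presentation, and it assumes the generator parameters a, c, m and the truncation are known to the attacker. The generator constants, the seed and the number of observed outputs are constructed for the demonstration; the LLL routine is a textbook one over exact rationals and is only meant for the tiny dimension used here.

```python
"""Recovering a truncated LCG's full state from its high-order bits.

Added example (not the paper's code). Attack model: x_{i+1} = a*x_i + c mod m,
the attacker sees y_i = x_i >> shift for a few consecutive i and knows a, c, m.
Write x_i = (y_i << shift) + z_i with 0 <= z_i < 2**shift unknown.
"""
from fractions import Fraction


def lcg_states(seed, a, c, m, n):
    """Return the first n internal states x_1..x_n of x_{i+1} = a*x_i + c mod m."""
    states, x = [], seed % m
    for _ in range(n):
        states.append(x)
        x = (a * x + c) % m
    return states


def lll(basis, delta=Fraction(3, 4)):
    """Textbook LLL over Fractions; recomputes Gram-Schmidt after every change."""
    b = [[Fraction(v) for v in row] for row in basis]
    n = len(b)

    def dot(u, v):
        return sum(x * y for x, y in zip(u, v))

    def gram_schmidt():
        bstar, mu = [], [[Fraction(0)] * n for _ in range(n)]
        for i in range(n):
            v = b[i][:]
            for j in range(i):
                mu[i][j] = dot(b[i], bstar[j]) / dot(bstar[j], bstar[j])
                v = [vi - mu[i][j] * wj for vi, wj in zip(v, bstar[j])]
            bstar.append(v)
        return bstar, mu

    bstar, mu = gram_schmidt()
    k = 1
    while k < n:
        for j in range(k - 1, -1, -1):          # size reduction of b[k]
            q = round(mu[k][j])
            if q:
                b[k] = [x - q * y for x, y in zip(b[k], b[j])]
                bstar, mu = gram_schmidt()
        if dot(bstar[k], bstar[k]) >= (delta - mu[k][k - 1] ** 2) * dot(bstar[k - 1], bstar[k - 1]):
            k += 1                                # Lovasz condition holds
        else:
            b[k], b[k - 1] = b[k - 1], b[k]       # swap and step back
            bstar, mu = gram_schmidt()
            k = max(k - 1, 1)
    return [[int(v) for v in row] for row in b]


def solve_integer_system(rows, rhs):
    """Solve U z = rhs exactly (Gauss-Jordan); raise if z is not integral."""
    n = len(rows)
    aug = [[Fraction(v) for v in row] + [Fraction(r)] for row, r in zip(rows, rhs)]
    for col in range(n):
        piv = next(r for r in range(col, n) if aug[r][col] != 0)
        aug[col], aug[piv] = aug[piv], aug[col]
        aug[col] = [v / aug[col][col] for v in aug[col]]
        for r in range(n):
            if r != col and aug[r][col] != 0:
                f = aug[r][col]
                aug[r] = [rv - f * cv for rv, cv in zip(aug[r], aug[col])]
    sol = [row[n] for row in aug]
    if any(v.denominator != 1 for v in sol):
        raise ValueError("leaked bits do not determine the state: non-integral solution")
    return [int(v) for v in sol]


def recover_state(high_bits, a, c, m, shift):
    """Given y_i = x_i >> shift for k consecutive states, return the full x_1."""
    k = len(high_bits)
    # x_i = a^(i-1) * x_1 + d_i (mod m); d_i collects the known contribution of c.
    d, acc = [], 0
    for _ in range(k):
        d.append(acc)
        acc = (a * acc + c) % m
    # Lattice of all u with sum(u_i * a^(i-1)) = 0 mod m (determinant m, rank k).
    basis = [[m] + [0] * (k - 1)]
    for i in range(1, k):
        row = [0] * k
        row[0] = (-pow(a, i, m)) % m
        row[i] = 1
        basis.append(row)
    reduced = lll(basis)
    # For every lattice vector u: sum(u_i z_i) = sum(u_i (d_i - (y_i << shift))) mod m.
    # For the short vectors LLL returns, |sum(u_i z_i)| < m/2, so the centered
    # residue is the exact integer value and the k equations hold over Z.
    rhs = []
    for u in reduced:
        r = sum(ui * (di - (yi << shift)) for ui, di, yi in zip(u, d, high_bits)) % m
        rhs.append(r - m if r > m // 2 else r)
    low_bits = solve_integer_system(reduced, rhs)
    return (high_bits[0] << shift) + low_bits[0]


# Constructed demo: 32-bit LCG, attacker sees only the top 16 bits of 6 outputs.
A, C, M, SHIFT = 1664525, 1013904223, 2**32, 16
SEED = 0x2F6E2B1                               # constructed, unknown to the attacker
OBSERVED = [x >> SHIFT for x in lcg_states(SEED, A, C, M, 6)]

if __name__ == "__main__":
    recovered = recover_state(OBSERVED, A, C, M, SHIFT)
    print(hex(recovered), recovered == SEED)
```

Six 16-bit outputs give 96 known bits against a 32-bit unknown state, so the state is overdetermined and the centered residues are far inside (-m/2, m/2); with only two outputs the short vectors are of size about 2^16, the products u . z reach m, and the integrality check is what signals that the information is insufficient.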

Citation (APA)

Hastad, J., & Shamir, A. (1985). THE CRYPTOGRAPHIC SECURITY OF TRUNCATED LINEARLY RELATED VARIABLES. In Conference Proceedings of the Annual ACM Symposium on Theory of Computing (pp. 356–362). ACM (Order n 508850). https://doi.org/10.1145/22145.22184
