
# Groups Complexity Cryptology

Volume 10, Issue 2

# A certain family of subgroups of $\mathbb{Z}_n^\star$ is weakly pseudo-free under the general integer factoring intractability assumption

Mikhail Anokhin
Published Online: 2018-10-17 | DOI: https://doi.org/10.1515/gcc-2018-0007

## Abstract

Let $\mathbb{G}_n$ be the subgroup of elements of odd order in the group $\mathbb{Z}_n^\star$, and let $\mathcal{U}(\mathbb{G}_n)$ be the uniform probability distribution on $\mathbb{G}_n$. In this paper, we establish a probabilistic polynomial-time reduction from finding a nontrivial divisor of a composite number $n$ to finding a nontrivial relation between $l$ elements chosen independently and uniformly at random from $\mathbb{G}_n$, where $l \ge 1$ is given in unary as a part of the input. Assume that finding a nontrivial divisor of a random number in some set $N$ of composite numbers (for a given security parameter) is a computationally hard problem. Then, using the above-mentioned reduction, we prove that the family $((\mathbb{G}_n, \mathcal{U}(\mathbb{G}_n)) \mid n \in N)$ of computational abelian groups is weakly pseudo-free. The disadvantage of this result is that the probability ensemble $(\mathcal{U}(\mathbb{G}_n) \mid n \in N)$ is not polynomial-time samplable. To overcome this disadvantage, we construct a polynomial-time computable function $\nu : D \to N$ (where $D \subseteq \{0,1\}^*$) and a polynomial-time samplable probability ensemble $(\mathcal{G}_d \mid d \in D)$ (where $\mathcal{G}_d$ is a distribution on $\mathbb{G}_{\nu(d)}$ for each $d \in D$) such that the family $((\mathbb{G}_{\nu(d)}, \mathcal{G}_d) \mid d \in D)$ of computational abelian groups is weakly pseudo-free.

MSC 2010: 68Q17; 94A60; 11Y05; 20K99
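As an added illustration (not code from the paper) of the objects in the abstract: the odd-order subgroup $\mathbb{G}_n$, a uniform sampler for it that is only possible because the toy modulus's factorization is handed in (the 2-part of $\lambda(n)$ is needed, which is why $\mathcal{U}(\mathbb{G}_n)$ is not polynomial-time samplable from $n$ alone), and the abelian-group notion of a nontrivial relation among group elements. All function names and the modulus $n = 7 \cdot 13$ are constructed for this example.

```python
import math
import random

def carmichael_lambda(primes):
    """lambda(n) for n = product of distinct odd primes: lcm of the p - 1."""
    lam = 1
    for p in primes:
        lam = lam * (p - 1) // math.gcd(lam, p - 1)
    return lam

def sample_odd_order_element(primes, rng=None):
    """Uniform sample from G_n, the odd-order subgroup of Z_n^*.

    x -> x^(2^k), with 2^k the 2-part of lambda(n), is a surjective homomorphism
    Z_n^* -> G_n, so a uniform x gives a uniform element of G_n. Computing 2^k
    needs the factorization (assumed known here), which is exactly what makes
    U(G_n) not polynomial-time samplable from n alone.
    """
    rng = rng or random.Random(2018)
    n = math.prod(primes)
    lam = carmichael_lambda(primes)
    two_part = lam & -lam              # largest power of 2 dividing lambda(n)
    while True:
        x = rng.randrange(1, n)
        if math.gcd(x, n) == 1:        # x must lie in Z_n^*
            return pow(x, two_part, n)

def multiplicative_order(g, n):
    """Order of g in Z_n^* by repeated multiplication (toy moduli only)."""
    k, acc = 1, g % n
    while acc != 1:
        acc = acc * g % n
        k += 1
    return k

def is_nontrivial_relation(elements, exponents, n):
    """True if g_1^a_1 ... g_l^a_l == 1 (mod n) with some a_i != 0.

    In an abelian group a relation with all exponents zero holds in the free
    abelian group as well, so only those are trivial in the paper's sense.
    """
    if all(a == 0 for a in exponents):
        return False
    acc = 1
    for g, a in zip(elements, exponents):
        acc = acc * pow(g, a, n) % n   # negative a is fine: g is a unit mod n
    return acc == 1
```

For $n = 91$ the group $\mathbb{Z}_{91}^\star$ has order $72 = 8 \cdot 9$, so $|\mathbb{G}_{91}| = 9$ and $g^9 = 1$ is a nontrivial relation for every sampled $g$; finding that exponent for a real modulus is as hard as learning $|\mathbb{G}_n|$.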


Published Online: 2018-10-17

Published in Print: 2018-11-01

Citation Information: Groups Complexity Cryptology, Volume 10, Issue 2, Pages 99–110, ISSN (Online) 1869-6104, ISSN (Print) 1867-1144.


© 2018 Walter de Gruyter GmbH, Berlin/Boston.