Attacking the linear congruential generator on elliptic curves via lattice techniques

Gutiérrez Gutiérrez, Jaime

doi:10.1007/s12095-021-00535-6

dc.contributor.author	Gutiérrez Gutiérrez, Jaime
dc.contributor.other	Universidad de Cantabria	es_ES
dc.date.accessioned	2022-06-01T07:26:04Z
dc.date.available	2022-06-01T07:26:04Z
dc.date.issued	2022-05
dc.identifier.issn	1936-2447
dc.identifier.issn	1936-2455
dc.identifier.uri	http://hdl.handle.net/10902/24935
dc.description.abstract	In this paper we study the linear congruential generator on elliptic curves from the cryptographic point of view. We show that if sufficiently many of the most significant bits of the composer and of three consecutive values of the sequence are given, then one can recover the seed and the composer (even in the case where the elliptic curve is private). The results are based on lattice reduction techniques and improve some recent approaches of the same security problem. We also estimate limits of some heuristic approaches, which still remain much weaker than those known for nonlinear congruential generators. Several examples are tested using implementations of ours algorithms.	es_ES
dc.format.extent	21 p.	es_ES
dc.language.iso	eng	es_ES
dc.publisher	Springer	es_ES
dc.rights	Attribution 4.0 International	es_ES
dc.rights.uri	http://creativecommons.org/licenses/by/4.0/	*
dc.source	Cryptography and Communications, 2022, 14(3), 505-525	es_ES
dc.subject.other	PseudoRandom	es_ES
dc.subject.other	Bit generator	es_ES
dc.subject.other	Elliptic curves	es_ES
dc.subject.other	Lattice based attack	es_ES
dc.title	Attacking the linear congruential generator on elliptic curves via lattice techniques	es_ES
dc.type	info:eu-repo/semantics/article	es_ES
dc.relation.publisherVersion	https://doi.org/10.1007/s12095-021-00535-6	es_ES
dc.rights.accessRights	openAccess	es_ES
dc.identifier.DOI	10.1007/s12095-021-00535-6
dc.type.version	publishedVersion	es_ES