\chapter{Underlying Structures}
\label{chap:structures}

In the previous chapter, we saw that theoretical cryptography has to rely on \emph{computational hardness assumptions}.
Besides \emph{information-theory-based cryptography}, most hardness assumptions are built on top of algebraic structures.
For instance, the discrete logarithm assumption (Definition~\ref{de:DLP}) is based on a cyclic group structure.
That is, in some groups it is assumed that computing the discrete logarithm is an intractable problem for any probabilistic polynomial-time algorithm.

The existence of these structures proves useful when it comes to designing protocols.
To that end, constructions take advantage of the mathematical properties of the structure to achieve the desired functionality.
An example is the multiplicative homomorphism of the ElGamal cryptosystem, which is made possible by the structure of the underlying cyclic group $\GG$ on which the scheme is built.
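The multiplicative homomorphism mentioned above, as an added example that is not code from this thesis: textbook ElGamal over a constructed toy group (the subgroup of order 1019 of the integers modulo 2039, generated by 4). The parameters and all function names are assumptions chosen for illustration.

```python
import secrets

# Constructed toy parameters (far too small for real use): P = 2Q + 1 with
# P and Q prime; G = 4 generates the subgroup GG of order Q (the squares mod P).
P, Q, G = 2039, 1019, 4
assert G != 1 and pow(G, Q, P) == 1

def keygen():
    """Return (alpha, h) with secret alpha in [1, Q-1] and public h = g^alpha."""
    alpha = secrets.randbelow(Q - 1) + 1
    return alpha, pow(G, alpha, P)

def encrypt(h, m, r=None):
    """Encrypt a group element m as (c1, c2) = (g^r, m * h^r)."""
    if pow(m, Q, P) != 1:
        # The homomorphism (and security) only hold for messages inside GG.
        raise ValueError("message must be an element of the order-Q subgroup")
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (m * pow(h, r, P)) % P

def decrypt(alpha, ct):
    """Recover m = c2 * c1^(-alpha); c1 has order Q, so -alpha = Q - alpha."""
    c1, c2 = ct
    return (c2 * pow(c1, Q - alpha, P)) % P

def multiply(ct_a, ct_b):
    """Component-wise product of two ciphertexts under the same public key.

    (g^r, M h^r) * (g^r', M' h^r') = (g^(r+r'), M M' h^(r+r')),
    i.e. a valid encryption of M * M' with randomness r + r'.
    """
    return (ct_a[0] * ct_b[0]) % P, (ct_a[1] * ct_b[1]) % P

def demo():
    """Return (decrypted product ciphertext, plain product); both are equal."""
    alpha, h = keygen()
    m1, m2 = pow(5, 2, P), pow(7, 2, P)   # squares, hence elements of GG
    ct = multiply(encrypt(h, m1), encrypt(h, m2))
    return decrypt(alpha, ct), (m1 * m2) % P

if __name__ == "__main__":
    print(demo())
```

The same property makes textbook ElGamal malleable: anyone holding two ciphertexts can produce a valid ciphertext of the product without knowing the secret key.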
%Namely, an ElGamal encryption of a message $M$ under the public key $h = g^\alpha_{} \in \GG$ is a couple $(c_1^{}, c_2^{}) = (g^r_{}, M \cdot h^r_{}) \in \GG^2_{}$, which can be decrypted with the knowledge of the secret key $\alpha \in \Zp$: $M = c_2^{} \cdot c_1^{-\alpha}$.
%Then, the cyclic group structure of $\GG$ leads to the ability to compute a valid ciphertext for $M \cdot M'$ given ciphertexts $(c_1^{}, c_2^{})$ and $(c'_1, c'_2)$ of $M$ and $M'_{}$ respectively.
%The resulting ciphertext is $(c_1^{} \cdot c'_1, c_2^{} \cdot c'_2) = (g^{r + r'_{}}, M \cdot M' \cdot h^{r + r'_{}})$.

In this chapter, we describe the different structures on which the cryptographic primitives we design in this thesis are based, namely bilinear groups and lattices.

\section{Pairing-Based Cryptography}
\label{se:pairing}

\input sec-pairings

\section{Lattice-Based Cryptography}
\label{se:lattices}

\input sec-lattices