## CryptoDB

### V. R. Sule

#### Publications

Year
Venue
Title
2006
EPRINT
This paper proposes investigation of special sessions of the Diffie Hellman (DH) key exchange scheme on elliptic curves for which the shared key can be computed by a polynomial time algorithm. Such sessions are called \emph{singular}. Existence of singular sessions are demonstrated using the Frobenius expansion and polynomial representation of public keys which lead to an expression for the shared key. When the Weil pairing can be computed on the elliptic curve along with a modified pairing defined by a distortion map efficiently, a sufficient condition is obtained for sessions to be singular which can be verified in polynomial time. Hence this condition identifies sessions whose singular nature can be determined in polynomial time. A single round three party key exchange scheme is proposed using singular sessions in which efficient computation of the shared key of a pair of users by the third party is a necessary requirement. This scheme is thus a positive application of singular sessions and offers a possible alternative to the need for using super singular curves on which pairings can be computed efficiently.
2005
EPRINT
This paper investigates the Diffie-Hellman key exchange scheme over the group $\fpm^*$ of nonzero elements of finite fields and shows that there exist exponents $k$, $l$ satisfying certain conditions called the \emph{modulus conditions}, for which the Diffie Hellman Problem (DHP) can be solved in polynomial number of operations in $m$ without solving the discrete logarithm problem (DLP). These special private keys of the scheme are termed \emph{weak} and depend also on the generator $a$ of the cyclic group. More generally the triples $(a,k,l)$ with generator $a$ and one of private keys $k,l$ weak, are called \emph{weak triples}. A sample of weak keys is computed and it is observed that their number may not be insignificant to be ignored in general. Next, an extension of the analysis and weak triples is carried out for the Diffie Hellman scheme over the matrix group $\gln$ and it is shown that for an analogous class of session triples, the DHP can be solved without solving the DLP in polynomial number of operations in the matrix size $n$. A revised Diffie Hellman assumption is stated, taking into account the above exceptions.
2005
EPRINT
This paper develops a cryptanalysis of the pairing based Diffie Hellman (DH) key exchange schemes which have found important applications as in the tripartite exchange scheme proposed in \cite{joux}. The analysis of \emph{weak keys} of the standard DH scheme proposed in \cite{kas1} is applied to show existence of weak sessions for tripartite schemes over super-singular curves. It is shown that for such sessions the associated Bilinear Diffie Hellman Problem (BDHP) is solvable in polynomial time, without computing the private keys i.e. without solving the discrete logarithms. Similar applications of the analysis to Decisional Diffie Hellman Problem (DDHP)and the Identity Based DH scheme (IBS) are also developed. The tripartite key exchange scheme is analyzed in detail and it is shown that the number of weak keys increases in this scheme as compared to the standard two party DH scheme. It is shown that the random choice of private keys by the users independent of each other's knowledge is insecure in these schemes. Algorithms are suggested for checking weakness of private keys based on an order of selection. A modified tripartite key exchange scheme is presented in which detection of weak keys is incorporated.

A. A. Kalele (2)