Abstract. We introduce a generalization of the NTRU cryptosystem and describe its advantages and disadvantages as compared with the original NTRU protocol. This extension helps to avoid the potential problem of finding "enough" invertible polynomials within very thin sets of polynomials, as in the original version of NTRU. This generalization also exhibits certain attractive "pseudorandomness" properties that can be proved rigorously using bounds for exponential sums.
A Generalization of NTRU

In this generalization of the original NTRU cryptosystem [5,6], one selects integer parameters $(N, p, q)$ and four sets $L_f$, $L_g$, $L_\phi$, $L_m$ of polynomials in the ring $R = \mathbb{Z}[X]/(X^N - 1)$ as in the standard version of NTRU. We denote by the operation of multiplication in the ring $R$. The parameters $q$ and $p$ are distinct prime numbers such that $\gcd(N, q) = 1$, and the sets $L_f$, $L_g$, $L_\phi$, $L_m$ are chosen to satisfy the "width condition"

we define the width of $F$ by

Our extension of the original NTRU scheme can be described as follows.

Key Creation. Alice randomly selects polynomials $f \in L_f$, $g \in L_g$ and $G \in R$ such that $G$ has an inverse modulo $q$ and $f$ has an inverse modulo $p$. This is easily accomplished since $G$ is allowed to range over all of $R$, and $p$ will be very small in any practical implementation of this scheme. Alice first computes inverses $G_q^*$ and $f_p^*$ that satisfy

then Alice computes the products

Alice publishes the pair of polynomials $(h, H)$ as her public key, retaining $(f, g, G)$ as her private key. The polynomial $f_p^*$ is simply stored for later use, and the polynomial $G_q^*$ may be discarded.

Encryption. Suppose Bob (the encrypter) wants to send a secret message to Alice (the decrypter). Bob selects a message $m$ from the set of plaintexts $L_m$. Next, Bob selects a random polynomial $\phi \in L_\phi$ and uses Alice's public key $(h, H)$ to compute $e \equiv p\,\phi\,h + H\,m \pmod{q}$. Bob then transmits $e$ to Alice.

Decryption. Alice has received $e$ from Bob. To decrypt the message, she first computes

choosing the coefficients of $a$ to lie in the interval from $-q/2$ to $q/2$. The remainder of our procedure now follows the standard version of NTRU; that is, Alice treats $a$ as a polynomial with integer coefficients and recovers the message by computing $m \equiv f_p^*\,a \pmod{p}$.

One easily verifies that the case $G = f$ corresponds to the classical NTRU cryptosystem (in this case, $H = 1$, so the public key consists solely of the polynomial $h$).
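
A toy run of key creation, encryption and decryption as described above, with $f$ chosen to be a zero-divisor modulo $q$; this is an added example, not code from the paper. The formulas for $h$, $H$ and $a$ are not legible on this page, so the code assumes $h \equiv G_q^* g$, $H \equiv G_q^* f$ and $a \equiv G e \pmod{q}$, which agrees with the remark that $G = f$ gives $H = 1$. The parameters $(N, p, q) = (5, 3, 31)$, all sample polynomials and all function names are constructed for illustration.

```python
N, p, q = 5, 3, 31  # constructed toy parameters, far too small to be secure

def mul(a, b, mod):  # product in Z_mod[X]/(X^N - 1): cyclic convolution
    c = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            c[(i + j) % N] = (c[(i + j) % N] + ai * bj) % mod
    return c

def inverse(a, mod):
    """Inverse of a modulo the prime `mod`, or None if a is a zero-divisor there."""
    # Gauss-Jordan on the circulant system M u = (1, 0, ..., 0), M[i][j] = a[i-j].
    rows = [[a[(i - j) % N] % mod for j in range(N)] + [int(i == 0)] for i in range(N)]
    for col in range(N):
        piv = next((r for r in range(col, N) if rows[r][col]), None)
        if piv is None:
            return None
        rows[col], rows[piv] = rows[piv], rows[col]
        scale = pow(rows[col][col], -1, mod)
        rows[col] = [x * scale % mod for x in rows[col]]
        for r in set(range(N)) - {col}:
            k = rows[r][col]
            rows[r] = [(x - k * y) % mod for x, y in zip(rows[r], rows[col])]
    return [row[N] for row in rows]

def center(a, mod):  # lift coefficients into [-(mod-1)/2, (mod-1)/2]
    return [(x + mod // 2) % mod - mod // 2 for x in a]

def keygen(f, g, G):
    Gq, fp = inverse(G, q), inverse(f, p)
    if Gq is None or fp is None:
        raise ValueError("G must be invertible mod q and f invertible mod p")
    # Assumed formulas (not legible on the page): h = Gq*g, H = Gq*f (mod q).
    return (mul(Gq, g, q), mul(Gq, f, q)), (f, fp, G)

def encrypt(pub, m, phi):
    h, H = pub  # e = p*phi*h + H*m (mod q), as stated on the page
    return [(p * x + y) % q for x, y in zip(mul(phi, h, q), mul(H, m, q))]

def decrypt(priv, e):
    f, fp, G = priv
    a = center(mul(G, e, q), q)      # assumed step: a = G*e = p*phi*g + f*m (mod q)
    return center(mul(fp, a, p), p)  # m = fp*a (mod p), as stated on the page

# Constructed samples: f = X - 2 has root 2 and 2^5 = 1 (mod 31), so f is a zero-divisor mod q.
f, g, G = [-2, 1, 0, 0, 0], [0, 1, 0, -1, 0], [3, 0, 1, 0, 0]
m, phi = [1, 0, -1, 1, 0], [1, 0, 0, -1, 0]
pub, priv = keygen(f, g, G)
recovered = decrypt(priv, encrypt(pub, m, phi))
```

Calling `keygen(f, g, f)`, the classical NTRU choice $G = f$, raises `ValueError` here because this $f$ has no inverse modulo $q$, while the generalized key pair above still decrypts correctly.
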
Moreover, if $f$ (and therefore $H$) is invertible modulo $q$, then this generalization is equivalent to the original scheme. Indeed, instead of decrypting $e$ the attacker can try to decrypt

where $H_q^* H \equiv 1 \pmod{q}$. On the other hand, if $f$ is a zero-divisor in the ring $R$, then our construction seems to produce a new scheme.

The main disadvantage of this scheme versus the classical NTRU scheme is that the public key size and the encryption time are roughly doubled.

The advantages are:

• This scheme provides more flexibility in the choice of parameters. In particular, it is likely that this generalization is more robust against some of the ...