Schnorr group

A Schnorr group is a large prime-order subgroup of $mathbb{Z}^*_p$ , the multiplicative group of integers modulo p for some prime $p$ . To generate such a group, generate $p, q, r$ such that

: $p = qr + 1$

with $p, q$ prime. Then choose random $h$ in the range $1 < h < p$ until you find one such that

: $h^r
otequiv 1quad(hbox{mod}quad p).$

This value

: $g = h^rquadhbox{mod}quad p$

is a generator of a subgroup of $mathbb{Z}^*_p$ of order $q$ .

Schnorr groups are useful in discrete log based cryptosystems including Schnorr signatures and DSA. In such applications, typically $p$ is chosen to be large enough to resist index-calculus and related methods of solving the discrete-log problem (perhaps 1024-2048 bits), while $q$ is large enough to resist the birthday attack on discrete log problems, which works in any group (perhaps 160-512 bits). Because the Schnorr group is of prime order, it has no non-trivial subgroups, thwarting small subgroup attacks. Implementations of protocols that use Schnorr groups must verify where appropriate that integers supplied by other parties are in fact members of the Schnorr group; $x$ is a member of the group if $0 < x < p$ and $x^q equiv 1quad(hbox{mod}quad p)$ . It will usually also be appropriate to reject $x = 1$ .

Schnorr groups were proposed for cryptographic use by Claus P. Schnorr.

"See also:" Topics in cryptography

Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

Schnorr signature — In cryptography, a Schnorr signature is a digital signature produced by the Schnorr signature algorithm. Its security is based on the intractability of certain discrete logarithm problems. It is considered the simplest digital signature scheme to … Wikipedia
Schnorr von Carolsfeld, Julius — ▪ German painter born March 26, 1794, Leipzig, Saxony [Germany] died May 24, 1872, Dresden, Ger. painter and designer who figured importantly in the German Nazarene movement. Schnorr received his earliest instruction from his father,… … Universalium
Claus P. Schnorr — Claus Peter Schnorr C. P. Schorr at Oberwolfach, 1986. Born 4 August 1943 … Wikipedia
List of mathematics articles (S) — NOTOC S S duality S matrix S plane S transform S unit S.O.S. Mathematics SA subgroup Saccheri quadrilateral Sacks spiral Sacred geometry Saddle node bifurcation Saddle point Saddle surface Sadleirian Professor of Pure Mathematics Safe prime Safe… … Wikipedia
Decisional Diffie–Hellman assumption — The decisional Diffie–Hellman (DDH) assumption is a computational hardness assumption about a certain problem involving discrete logarithms in cyclic groups. It is used as the basis to prove the security of many cryptographic protocols, most… … Wikipedia
Decisional Diffie-Hellman assumption — The decisional Diffie Hellman (DDH) assumption is a computational hardness assumption about a certain problem involving discrete logarithms in cyclic groups. It is used as the basis to prove the security of many cryptographic protocols, most… … Wikipedia
Anonymous veto network — In cryptography, the Anonymous Veto Network (or AV net) is a multi party secure computation protocol to compute the boolean OR function [F. Hao, P. Zieliński. [http://www.cl.cam.ac.uk/ fh240/pdf/avnet.pdf A 2 round anonymous veto protocol] .… … Wikipedia
painting, Western — ▪ art Introduction history of Western painting from its beginnings in prehistoric times to the present. Painting, the execution of forms and shapes on a surface by means of pigment (but see also drawing for discussion of depictions in … Universalium
Nazarene movement — For other uses, see Nazarene (disambiguation). In Jacob encountering Rachel with her father s herd, Joseph von Führich attempts to recapture the mood of Perugino and Raphael, 1836 (Österreichische Galerie, Vienna) The name Nazarene was adopted by … Wikipedia
Proof of knowledge — In cryptography, a proof of knowledge is an interactive proof in which the prover succeeds convincing a verifier that it knows something. What it means for a machine to know something is defined in terms of computation. A machine knows something … Wikipedia

Academic Dictionaries and Encyclopedias

Schnorr group

Look at other dictionaries:

Share the article and excerpts

Academic Dictionaries and Encyclopedias

Wikipedia

Schnorr group

Look at other dictionaries:

Share the article and excerpts

Direct link