Alexandru Ioan Cuza University of Ia¸si,Romˆania Department of Computer Science
Quadratic Residues and Applications in Cryptography
by Anca-Maria Nica
supervisor
Prof. Dr. C˘at˘alinDima
2020 .
Doctoral committee: Conf.Dr. Adrian Iftene - committee chairman Alexandru Ioan Cuza University of Ia¸si Prof.Dr. C˘at˘alinDima - doctoral supervisor Alexandru Ioan Cuza University of Ia¸si/ “Paris Est Creteil - Val de Marne” Prof.Dr. Constantin Popescu - reviewer University of Oradea Prof.Dr. Ferucio Laurent¸iu T¸iplea - reviewer Alexandru Ioan Cuza University of Ia¸si Conf.Dr. Octavian Catrina - reviewer University Politehnica of Bucharest Conf.Dr. Mihai Dumitru Prunescu - reviewer University of Bucharest Acknowledgements
I became more and more concerned about the meaning of life, whose essence can be summarized in one word: giving. But you cannot give what you do not have, so growing is another leading word in my life. I would like to have a positive impact on others’ lives, and I am doing this profoundly inspired by the influence I got, in turn, from the most important people in my life. I’m looking around me and I can not feel anything else than gratefulness. I am grateful for the models I have, because life teaches me a lot by their examples. I am surrounded by special people, beginning with my mentor, Fr. Teodosie, who is a true father to me. He is sustaining me in all situations, he is a live model of being a Christian for me, an example of empathizing and communicating with people. I learned from him that you have to be very patient with people, as he is with me all the time. He taught me, by his life, that the strongest way of teaching others is by your own example. He taught me that before night you are the leader who establishes the timetable for the next day. Then, in the morning, you have to be a committed employee and not to negotiate the things you have already planned to do. He also showed me how one can make a masterpiece from each day and praise God for all. I would like to thank my supervisors Prof. Dr. Ferucio Laurent¸iu T¸iplea and Prof. Dr. C˘at˘alinDima for all their help and support. Professor T¸iplea taught me that you can always be kind with others, no matter how they act or speak to you. I realized through his example that you always have to see value in people, you have to focus on their strengths, you have to appreciate, respect, and believe in them and also that you have to add value to people all the time - as John Maxwell said - these are the seeds for success. He gently guided me all these six years, and still does in a very efficient and thoughtful way. From Lect. Dr. Sorin Iftene I have learned that whenever you have the opportunity to encourage people, it is a great idea to do so. He also taught me by his example how to always be thoughtful and attentive to others’ needs. From FCS I have learned how to act with yourself and the fact that you can be as strict as you wish with yourself but very lenient with others. I am also grateful to FCS for its constant support and mentoring and for offering the perfect environment for writing this thesis.
iii They are like a lighthouse showing the direction. I look forward to giveback, to reward the trust that they invested in me and without which I would not have gotten here. Even if words are too poor, I would like to thank them all, along with other great people that surrounded me throughout the process, for their contribution. I express here my profound gratitude to God, to the Holy Theotokos, to all Saints and to my guardian angel who took care of me all the time. This thesis does not represent the ending but rather the beginning of a new period of research in this area. In the last five years of study I had the chance to attend many (inter)national conferences and winter/summer schools on related topics that opened up new horizons in my research and also spurred me to improve my English enough to be able to teach in English. I am ever so grateful to our faculty and to all those who have facilitated such opportunities. One of them is Lect. Dr. Emanuel Onica who helped me to attend a lot of interesting and useful scientific events by his projects. Last but not least, I want to thank my parents and my friends who understood me patiently and sustained me along the way. Words are never enough to express my gratitude. Thank you! God bless you all!
iv .
To Fr. Teodosie,
v vi Contents
Preface 5 Thesis overview ...... 5 Thesis contributions ...... 8
List of publications 11
1 Introduction to cryptography and quadratic residues 13 1.1 Some history ...... 13 1.2 Principles, goals and security in modern cryptography ...... 16 1.3 Quadratic residues in mathematics ...... 22 1.4 Quadratic residues in cryptology ...... 25 1.5 Literature review ...... 26
2 Prerequisites 31 2.1 Congruence ...... 31 2.2 Probabilities ...... 32 2.3 Complexity ...... 35 2.4 Quadratic residues ...... 35 2.4.1 Legendre and Jacobi symbols ...... 37 2.4.2 Computing square roots ...... 40
3 On the distribution of quadratic residues 45 3.1 Counting quadratic residues and non-residues in the set a + X .... 49 3.1.1 The case of prime moduli ...... 50 3.1.2 The case of RSA moduli ...... 56 3.2 Computing probabilities on sets Y(a + X)...... 68
vii 3.3 Concluding remarks ...... 70
4 Applications of QR to IBE 71 4.1 Cocks’ IBE scheme ...... 72 4.1.1 Cocks’ IBE ciphertexts ...... 73 4.1.2 Galbraith’s test ...... 78 4.1.3 Anonymous Cocks’ schemes ...... 81 4.1.4 Concluding remarks ...... 87 4.2 Boneh-Gentry-Hamburg’s IBE scheme ...... 87 4.2.1 Associated polynomials ...... 89 4.2.2 The BGH scheme and its security ...... 89 4.2.3 A new security analysis for BasicIBE scheme ...... 95 4.2.4 Concluding remarks ...... 97 4.3 QR-based IBE schemes that fail security ...... 98 4.3.1 Jhanwar-Barua scheme ...... 98 4.3.2 Other insecure IBE schemes based on QR ...... 103 4.3.3 Concluding remarks ...... 104 4.4 Continuous mutual authentication ...... 105 4.4.1 Real privacy management ...... 106 4.4.2 RPM description ...... 111 4.4.3 Continuous mutual authentication and data security ...... 116 4.4.4 Concluding remarks ...... 118 4.5 Pseudo-random generators ...... 119 4.5.1 Pseudo-randomness from QR ...... 120 4.5.2 Concluding remarks ...... 122
5 From identity-based to attribute-based encryption 123 5.1 Introduction ...... 123 5.2 ABE and the backtracking attack ...... 126 5.3 KP-ABE for Boolean circuits using secret sharing and bilinear maps . 131 5.3.1 The secure KP-ABE Scheme 1...... 131 5.3.2 Concluding remarks ...... 142 5.4 KP-ABE for Boolean circuits using secret sharing and multilinear maps 143
viii 5.4.1 The secure KP-ABE Scheme 2...... 144 5.4.2 Concluding remarks ...... 155
6 Conclusion and open problems 157
Bibliography 163
ix x Preface
About this thesis
The most inspiring aspect in doing this thesis was “the improvement”, not only re- garding some schemes and boundaries in security proofs, but reaching the next level in the research process, growth and comprehending. This is what guarantees the future results and gives beauty to the process. We started five years ago from some problems which are of great interest in cryp- tography. Searching an efficient variant of Cocks’ IBE scheme was one of them. Then, starting from it, we investigated the set of integers which are obtained by adding a
∗ quadratic residue to an integer in Zn, i.e. the set a + QRn, as we will deeply discuss in Chapter 3 of this thesis. Another starting point in this research was the proof of Galbraith’s test, addressed in detail in Section 4.1.2, the anonymization and the se- curity of Cocks’ IBE scheme, together with applications of this scheme and attribute based encryption, which is considerable useful in cloud computing, access control in cloud and other fields. These are the main subjects which we describe in this thesis.
Thesis overview
Chapter 1: Introduction to cryptography and quadratic residues
In the first chapter, after a short review of the thesis, we present some phases in the history of cryptology - one of the areas regarding information hiding (see Figure 1.1 on page 16). We emphasize the niche of Public Key Cryptography (PKE) and specially Identity-based Encryption (IBE), until we get to IBE based on quadratic residues (QR). This is one of the areas where we applied some of our mathematical results in
5 6 Preface
Chapter 3. In Section 1.2 we state two main principles of cryptology followed immediately by the objectives of cryptography together with the security goals that have to be satisfied according to the security model which a cryptosystem reaches. In Figure 1.2 on page 21 we can see the relation between these security models. The security level of a cryptographic scheme is usually proved using security games, as the one presented in the end of Section 1.2. In the following two sections we point out some of the areas where quadratic residues are of great interest, focusing mainly on mathematical aspects, Section 1.3, and cryptographic aspects, Section 1.4. In the last section of Chapter 1 we shortly present the literature review regarding mainly four key aspects around which our study shall be structured. The first one is related to the mathematical results in Chapter 3, i.e. the distribution of QR and the Jacobi patterns, aiming to get the exact cardinality of sets like QRn(a + QRn) - the set of QR in the set a + QRn. These results bring the second key point which consists of QR-based IBE schemes, including the anonymous variants. This subject is addressed in Chapter 4. The third aspect of our study is the application of such schemes in Real Privacy Management (RPM) in order to provide Continuous Mutual Authentication (CMA). In the end of the section, the state of the art regarding ABE is presented, focusing on KP-ABE.
Chapter 2: Prerequisites
This chapter introduces some notations, definitions, and basic results from number theory, probabilities, and complexity which we are going to use along the thesis. A special place here is taken by quadratic residues, the Legendre and Jacobi symbols together with some square root extraction algorithms.
Chapter 3: On the distribution of quadratic residues
This chapter begins with the motivation of the study we did regarding the distribution of quadratic residues1. Unfortunately, the Cocks’ IBE scheme was proved not to be anonymous by Galbraith’s test. This test was briefly presented in two papers [41, 14]
1These results are attained in a joint work with F.L. T¸iplea, S. Iftene, and G. Te¸seleanu and were published in [280, 78] Preface 7 but we felt that a more rigorous proof of this test and explicit computations would’ve been useful. Our research has lead to important results with exact formulas for the cardinality of a multitude of sets with different Jacobi patterns. In Section 3.2 few examples of calculating probabilities using these distributions were presented. These probabilities are of great interest not only for encryption schemes, but also in diverse issues like security of cryptosystems or pseudo-random generators.
Chapter 4: Applications of quadratic residues to identity- based encryption
This chapter presents some applications of our results from Chapter 3. First we briefly recall Cocks’ scheme then we deeply analyze its cryptotexts in order to prepare the foundation for the proof of Galbraith test. Then we present an anonymous variant of this scheme, proposed by G.A. Schipor in [251], followed by a much simple description of Joye’s anonymous variant of Cocks’ IBE scheme, which was detailed in [215]. In Section 4.2 some QR-based IBE schemes are described starting with BGH [44], which is an IND-ID-CPA secure scheme, with improved ciphertext expansion, compared to Cocks’, but less time efficient. We obtained in [253] a better upper bound for the BGH scheme which is described in Section 4.2.3. In Section 4.3 we will see other attempts of improving time efficiency of BGH, but, unfortunately, they are insecure, as Schipor proved in [250]. These results were clearly presented in [279]. Section 4.4 describes a technique for continuous mutual authentication, namely RPM, with its four configurations, while in Section 4.4.3 we showed how, using Cocks’ scheme in one of the configurations, results an improved variant of RPM.
Chapter 5: From identity-based to attribute-based encryption
Chapter 5 is very important by the fact that it presents a generalization of IBE with applications in a huge variety of niches as cloud computing and IoT. It begins with a brief introduction on ABE, utility, types of ABE and the state of the art, followed, in Section 5.2, by some definitions and notations regarding ABE, together with the general structure and correctness of an ABE scheme, the backtracking attack and some deeper details on KP-ABE schemes - the core topic of the chapter. In Sections 5.3 8 Preface
and 5.4 two efficient KP-ABE schemes are presented, accompanied by their security proofs, implementation issues, applications, complexity and comparisons. In Chapters 3 to 5, there are some sections called Concluding remarks. They sum up the key-ideas and results discussed in the sections above them and emphasize the contribution on those areas.
Chapter 6: Conclusion and open problems
In this last chapter we draw conclusions and present some open problems regarding the results obtained in the thesis and further work.
Thesis contributions
After the introduction and preliminaries in Chapters 1 and 2 the next chapters expose our work as follows. Chapter 3 presents some results we developed regarding sets such
as QNRm(a + QRm), the set of integers of the form a + QRm which are quadratic non-residues modulo m. These sets are very useful for cryptography due to the fact that cryptographic schemes can be created using them [71, 44, 123]. In order to develop new results we analyzed the state of the research. Thus, a useful timeline expressing the state of the art regarding the distribution of residues is presented in Figures 3.1 and 3.2 on pages 47, 48. So, the reader can create his own view about the importance and the great interest on this topic. Perron’s work on the distribution of quadratic residues and non-residues in sets
like a + QRm focuses on prime moduli [223]. We extended these results to the case
where the modulus is an RSA integer. We also generalized the case a + QRm and ∗ studied sets of the form a+X, where X can be one of the sets Zm, Zm, QRm, QNRm, and the modulus can be either a prime or an RSA integer. In the last case, when m
± is of the form p · q, for some distinct primes p and q, X may also be one of the sets Jm ∓ and Jm. For all these sets a+X we presented not only their cardinals, but we counted the number of elements for all Jacobi patterns on these sets. Section 3.2 shows how
− to compute probabilities on these sets, for example, the probability that x is in Jn ∗ when it is extracted uniformly at random from the set a + Zn, see Corollary 3.2.1. In Chapter 4 some applications of the results in Chapter 3 were detailed, together Preface 9 with an interesting combination between a continuous mutual authentication protocol and Cocks’ IBE scheme.
In Section 4.1 we deeply analyzed Cock’s IBE scheme and its cryptotexts structure in order to be able to compute the exact probability that a given cryptotext was encrypted for a given identity, see Section 4.1.2. Thus, in Section 4.1.1, first we studied the way that the messages are encrypted, and how the sets of cryptotexts outputted by this scheme look like. Thus, the computations in Section 4.1.2 were done using the results achieved in Chapter 3 and the cardinalities in Section 4.1.1. Then we have shown in section 4.1.3 how efficient anonymized Cocks’ cryptotexts can be obtained from non-anonymous ones as an independent process. One such secure anonymous scheme is due to G.A. Schipor [251]. Right after this scheme, in Section 4.1.3, we showed how easily the anonymization variant of Cocks’ IBE scheme due to Joye [158] can be described, without using cyclotomic polynomials and algebraic toruses, as it was presented in [215].
Cocks’ IBE scheme, notwithstanding its simplicity and elegance, outputs quite large cryptotexts, 2logn bits per bit of plaintext. Section 4.2 describes a solution proposed in 2007 by Boneh et al., the BasicIBE (shortened here into BGH) which improves the length of the cryptotexts at the cost of increasing the time complexity to quartic in the security parameter. This scheme is proven to be IND-ID-CPA secure under the QR assumption for the RSA generator in the random oracle model (ROM), as we can see in Section 4.2.2. A better upper bound for BGH scheme has been obtained in [253] and it is detailed in Section 4.2.3.
Starting from [44] Jhanwar and Barua tried to make the encryption/decryption processes faster, as it is presented in Section 4.3.1 (their scheme will be called here JB for short). The bottleneck of the scheme proposed by Boneh et al. was the algorithm for solving Equation (4.2).
In [156], the same two researchers, Jhanwar and Barua, found a very useful prob- abilistic algorithm for finding solutions to Equation (4.2) on page 88 instead of the deterministic one of Boneh et al. Unfortunately, the scheme proposed by them is no longer a secure variant of Cocks’ scheme due to the method of combining the solutions of two congruential equations in order to get a third solution to another equation. As A. Schipor showed, the variants of the schemes presented by Elashry, Mu, and Susilo 10 Preface
in [105] and [103] suffer from the same security weakness. Thus, for the moment, the QR-based IBE schemes which remain secure are Cocks’ scheme, BGH and their anonymous variants, as it is detailed in [279]. For a comparison between Cocks’ and BGH cryptosystems see Table 4.1 on page 105. An important contribution of the thesis relies to continuous mutual authentication. When two parts wish to communicate securely they (both) will want to be sure, at each moment during the process, that on the other end of the “line” is the person that they aspect to be and not a third party, not an eavesdropper. In order to achieve this, continuous (mutual) authentication is needed. But what if, at a certain point, an intruder will decode their communication? Is there any possibility that the communication become secure again during the same process, without interrupting it and start it over? This property was first defined by Elashry et al. in [104], who called it resiliency. We found a way to achieve this property using Cocks’ IBE scheme, which perfectly fits to RPM configurations, see Section 4.4. In the end of Chapter 4 we will see how pseudorandom generators can be created using quadratic residues, which is another important application of QR in cryptogra- phy. Thus, in Chapter 5 we outlined the latest ideas developed in the area of KP- ABE schemes based on bilinear maps and secret sharing. We conclude that, for safety, leveled multi-linear maps should be avoided. However, the current solutions for Boolean circuits in general which use bilinear maps are not efficient. So, finding a balanced variant for this kind of circuits remains an open problem. List of publications
1. F. L. T¸iplea, S. Iftene, G. Te¸seleanu, and A.-M. Nica. On the distribution of quadratic residues and non-residues modulo composite integers and applications to cryptography. Applied Mathematics and Computation, vol. 372, May 2020 (Journal impact factor: 3.092), available on-line, doi.org/10.1016/j.amc.2019.124993.
2. A.-M. Nica, Continuous mutual authentication and data security. Interna- tional Journal of Computer Science and Information Security (IJCSIS), vol. 17, February 2019 (Journal impact factor: 0.702).
3. A.-M. Nica and F. L. T¸iplea. On anonymization of Cocks identity-based en- cryption scheme (extended version of the conference paper). In Computer Science Journal of Moldova, vol.27, no.3(81), pp.283-298, 2019 http: //www.math.md/publications/csjm/issues/v27-n3/13001/ (Journal indexed in Web of Science).
4. A.-M. Nica and F. L. T¸iplea. On anonymization of Cocks identity-based en- cryption scheme. In Proceedings of the 5th Conference on Mathematical Foundations of Informatics, MFOI 2019, Iasi, Romania, July 3-6, 2019, Ed- itura Universit˘at¸ii “Alexandru Ioan Cuza”, Iasi, pages 75-85, 2019.
5. G. Te¸seleanu, F. L. T¸iplea, S. Iftene, and A.-M. Nica. Boneh-Gentry-Hamburg’s identity-based encryption schemes revisited. In Proceedings of the 5th Con- ference on Mathematical Foundations of Informatics, MFOI2019, July 3-6, 2019, Iasi, Romania, pages 45 – 58, 2019.
6. F. L. T¸iplea, C. C. Dr˘agan,and A.-M. Nica, Key-policy attribute-based en- cryption from bilinear maps, in Innovative Security Solutions for Information
11 Technology and Communications - 10th International Conference, SecITC 2017, Bucharest, Romania, June 8-9, 2017, Revised Selected Papers, Lecture Notes in Computer Science 10543, pp. 28–42, 2017.
7. F. L. T¸iplea, S. Iftene, G. Te¸seleanu, and A.-M. Nica, Security of identity-based encryption schemes from quadratic residues, in Innovative Security Solutions for Information Technology and Communications - 9th International Conference, SecITC 2016, Bucharest, Romania, June 9-10, 2016, Revised Selected Papers, Lecture Notes in Computer Science 10006, pp. 63–77, 2016.
8. G. Te¸seleanu, F. L. T¸iplea, S. Iftene, and A.-M. Nica. Boneh-Gentry-Hamburg’s identity-based encryption schemes revisited, IET Information Security (un- der review) Bibliography
[1] Michel Abdalla, Mihir Bellare, Dario Catalano, Eike Kiltz, Tadayoshi Kohno, Tanja Lange, John Malone-Lee, Gregory Neven, Pascal Paillier, and Haixia Shi. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. CRYPTO, pages 205–222, 2005.
[2] Michel Abdalla, Fabrice Benhamouda, and David Pointcheval. On the tightness of forward-secure signature reductions. Journal of Cryptology, 32(1):84–150, Jan 2019.
[3] El-Tigani B. Abdelsatir, Sahar Salahaldeen, Hyam Omar, and Afra Hashim. A novel (k, n) secret sharing scheme from quadratic residues for grayscale images. CoRR, abs/1408.3245, 2014.
[4] Alexandra Afanasyeva, Sergey Bezzateev, Evgeny Linsky, Vitaly Petrov, and DaeYoub Kim. Threshold identity based encryption scheme on quadratic residues. In 2012 XIII International Symposium on Problems of Redundancy in Information and Control Systems, pages 1–4, Sep 2012.
[5] Shweta Agrawal, Dan Boneh, and Xavier Boyen. Efficient lattice (H)IBE in the standard model. In Henri Gilbert, editor, Advances in Cryptology – EURO- CRYPT 2010, pages 553–572, Berlin, Heidelberg, 2010. Springer.
[6] Shweta Agrawal and Xavier Boyen. Identity-based encryption from lattices in the standard model. Manuscript, Jul 2009. Available at http://www.cs.
stanford.edu/~xb/ab09/.
[7] Shweta Agrawal, Xavier Boyen, Vinod Vaikuntanathan, Panagiotis Voulgaris, and Hoeteck Wee. Fuzzy identity based encryption from lattices. Preprint on
163 164 Bibliography
IACR Cryptology ePrint Archive. Report 2011/414, 2011. https://eprint. iacr.org/2011/414.
[8] Syed Jalal Ahmad and P. Radha Krishna. BHQRSM: Binary hex quadratic residue security model to enhance the trust in MANETs. Wireless Personal Communications, 101(2):661–676, Jul 2018.
[9] Davide Alessio and Marc Joye. Public key encryption system based on the quadratic residuosity assumption, Aug 30, 2016. US Patent 2016/9432191 B2.
[10] Nesmith C. Ankeny. The least quadratic non residue. Annals of Mathematics, 55(1):65–72, Jan 1952.
[11] Michael Anshel and Dorian Goldfeld. Zeta functions, one-way functions, and pseudorandom number generators. Duke Mathematical Journal, 88(2):371–390, Jun 1997.
[12] V.I. Arnol’d. Are quadratic residues random? Regular and Chaotic Dynamics, 15(4-5):425–430, Oct 2010.
[13] Giuseppe Ateniese, Katharina Fech, and Bernardo Magri. A family of FDH signature schemes based on the quadratic residuosity assumption. In Debrup Chakraborty and Tetsu Iwata, editors, Progress in Cryptology – INDOCRYPT 2018, pages 248–262, Cham, 2018. Springer International Publishing.
[14] Giuseppe Ateniese and Paolo Gasti. Universally anonymous IBE based on the quadratic residuosity assumption. In Proceedings of the The Cryptographers’ Track at the RSA Conference 2009 on Topics in Cryptology, CT-RSA ’09, pages 32–47, Berlin, Heidelberg, 2009. Springer-Verlag.
[15] A. Oliver L. Atkin. Probabilistic primality testing. Technical Report 1779, INRIA, 1992.
[16] Nuttapong Attrapadung, Yang Cui, David Galindo, Goichiro Hanaoka, Ichiro Hasuo, Hideki Imai, Kanta Matsuura, Peng Yang, and Rui Zhang. Relations among notions of security for identity based encryption schemes. In Proceedings of the 7th Latin American conference on Theoretical Informatics, LATIN’06, pages 130–141, Berlin, Heidelberg, 2006. Springer-Verlag. Bibliography 165
[17] Jean-Philippe Aumasson. The impact of quantum computing on cryptography. Computer Fraud & Security, 2017(6):8–11, Jun 2017.
[18] E. Bach. Realistic analysis of some randomized algorithms. In Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC ’87, pages 453–461, New York, NY, USA, 1987. ACM.
[19] Ali Bagherzandi, Kooshiar Azimian, Javad Mohajeri, and Mahmoud Salma- sizadeh. Relations between semantic security and indistinguishability against CPA, non-adaptive CCA and adaptive CCA in comparison based framework. CoRR, abs/cs/0508110, 2005.
[20] Ali Bagherzandi, Javad Mohajeri, and Mahmoud Salmasizadeh. Comparison based semantic security is probabilistic polynomial time equivalent to indistin- guishability. International Journal of Network Security, 6(3):354–360, 2008.
[21] Rana Barua and Mahabir Prasad Jhanwar. On the number of solutions of the equation Rx2 + Sy2 = 1 (mod N). The Indian Journal of Statistics, 72-A:226– 236, 2010.
[22] Oswald Baumgart. The Quadratic Reciprocity Law. Springer International Pub- lishing, Switzerland, 2015.
[23] Mihir Bellare, Alexandra Boldyreva, Anand Desai, and David Pointcheval. Key- privacy in public-key encryption. In Proceedings of the 7th International Con- ference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT ’01, pages 566–582, London, UK, 2001. Springer-Verlag.
[24] Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. Relations among notions of security for public-key encryption schemes. In Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptol- ogy, CRYPTO ’98, pages 26–45, London, UK, 1998. Springer-Verlag.
[25] Mihir Bellare and Viet Tung Hoang. Identity-based format-preserving encryp- tion. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and 166 Bibliography
Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, pages 1515–1532, 2017.
[26] Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway. Foundations of gar- bled circuits. In Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS ’12, pages 784–796, New York, NY, USA, 2012. ACM.
[27] Mihir Bellare, Dennis Hofheinz, and Scott Yilek. Possibility and impossibil- ity results for encryption and commitment secure under selective opening. In Advances in Cryptology - EUROCRYPT 2009, 28th Annual International Con- ference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26-30, 2009. Proceedings, pages 1–35, 2009.
[28] Mihir Bellare, Chanathip Namprempre, and Gregory Neven. Security proofs for identity-based identification and signature schemes. Journal of Cryptology, 22(1):1–61, 2009.
[29] Mihir Bellare and Phillip Rogaway. Optimal asymmetric encryption. In Alfredo De Santis, editor, Advances in Cryptology — EUROCRYPT ’94, pages 92–111, Berlin, Heidelberg, 1995. Springer.
[30] Mihir Bellare and Phillip Rogaway. Optimal Asymmetric Encryption – How to Encrypt with RSA. pages 92–111. Springer-Verlag, 1995.
[31] Mihir Bellare, Brent Waters, and Scott Yilek. Identity-based encryption secure against selective opening attack. In Theory of Cryptography - 8th Theory of Cryptography Conference, TCC 2011, Providence, RI, USA, March 28-30, 2011. Proceedings, pages 235–252, 2011.
[32] K. Bentahar, P. Farshim, J. Malone-Lee, and N. P. Smart. Generic constructions of identity-based and certificateless kems. Journal of Cryptology, 21(2):178–199, Apr 2008.
[33] H. J. Bentz and J. Pintz. Quadratic residues and the distribution of prime numbers. Monatshefte f¨urMathematik, 90(2):91–100, 1980. Bibliography 167
[34] G. E. Bergum and J. H. Jordan. The distribution of quadratic residues in fields of order p2. Mathematics Magazine, 45(4):194–200, Sep 1972.
[35] John Bethencourt, Amit Sahai, and Brent Waters. Ciphertext-policy attribute- based encryption. In IEEE Symposium on Security and Privacy, S&P 2007, pages 321–334, Washington, DC, USA, 2007. IEEE Computer Society.
[36] Sergey Bezzateev and Daeyoub Kim. Threshold encryption scheme based on Cocks’ IBE scheme. In The KIPS Transactions: Part C, volume 19C, pages 225–230, Aug 2012.
[37] R. G. Bierstedt and W. H. Mills. On the bound for a pair of consecutive quartic residues of a prime. Proceedings of the American Mathematical Society, 14:628– 632, 1963.
[38] Roger Bilisoly. Searching for patterns among squares modulo p. In Ameri- can Statistical Association Proceedings of the Joint Statistical Meetings, 2016, Institute of Mathematical Statistics Section, pages 1094–1100, 2016.
[39] David M. Bloom. A quadratic residues parlor trick. Mathematics Magazine, 71(3):201–203, Jun 1998.
[40] Lenore Blum, Manuel Blum, and Mike Shub. A simple unpredictable pseudo- random number generator. SIAM Journal on Computing, 15(2):364–383, 1986.
[41] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public key encryption with keyword search. In Advances in Cryptology - EU- ROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004, Proceedings, volume 3027 of Lecture Notes in Computer Science, pages 506–522. Springer, 2004.
[42] Dan Boneh and Matthew K. Franklin. Identity-based encryption from the Weil pairing. In Joe Kilian, editor, The 21st Annual International Cryptology Con- ference on Advances in Cryptology, Santa Barbara, California, USA, August 19–23, 2001. Proceedings, CRYPTO ’01, pages 213–229. Springer Berlin Hei- delberg, Berlin, Heidelberg, Aug 2001. 168 Bibliography
[43] Dan Boneh and Matthew K. Franklin. Identity-based encryption from the Weil pairing. SIAM Journal on Computing, 32(3):586–615, 2003.
[44] Dan Boneh, Craig Gentry, and Michael Hamburg. Space-efficient identity based encryption without pairings. In 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2007), October 20-23, 2007, Providence, RI, USA, Proceedings, pages 647–657, 2007.
[45] Xavier Boyen and Brent Waters. Anonymous hierarchical identity-based en- cryption (without random oracles). In Cynthia Dwork, editor, Advances in Cryptology - CRYPTO 2006, pages 290–307, Berlin, Heidelberg, 2006. Springer Berlin Heidelberg.
[46] Zvika Brakerski, Alex Lombardi, Gil Segev, and Vinod Vaikuntanathan. Anony- mous IBE, leakage resilience and circular security from new assumptions. In Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Con- ference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part I, pages 535–564, 2018.
[47] S. A. Brands and R. D. Gill. Cryptography, statistics, and pseudorandomness. I. Probability and Mathematical Statistics, 15:101–114, 1995.
[48] S. A. Brands and R. D. Gill. Cryptography, statistics, and pseudorandomness. II. Probability and Mathematical Statistics, 16(1):1–17, 1996.
[49] Gilles Brassard. Cryptography in a quantum world. In Proceedings of the 42Nd International Conference on SOFSEM 2016: Theory and Practice of Computer Science - Volume 9587, pages 3–16, Berlin, Heidelberg, 2016. Springer-Verlag.
[50] Alfred Brauer. On the distribution of the Jacobian symbols. Mathematische Zeitschrift, 58(1):226–231, 1953.
[51] John Brillhart, Derrick Norman Lehmer, and Emma Lehmer. Bounds for pairs of consecutive seventh and higher power residues. Mathematics of Computation, 18(87):397–407, Jul 1964.
[52] J. Buchmann, K. Lauter, and M. Mosca. Postquantum cryptography – state of the art. IEEE Security Privacy, 15(4):12–13, 2017. Bibliography 169
[53] Johannes A. Buchmann. Introduction to Cryptography. Springer-Verlag New York, Inc., Secaucus, NJ, USA, 1st edition, 2000.
[54] Duncan A. Buell and Richard H. Hudson. On runs of consecutive quadratic residues and quadratic non-residues. BIT Numerical Mathematics, 24(2):243– 247, 1984.
[55] D. A. Burgess. The distribution of quadratic residues and non-residues. Math- ematika, 4(2):106–112, 1957.
[56] Axel Busboom. Construction of pseudo-noise arrays from quadratic residues. Signal Processing, 72(1):33–38, 1999.
[57] Antonio Caminha Muniz Neto. An Excursion through Elementary Mathematics, volume III of Problem Books in Mathematics. Springer, 2018.
[58] Antonio Caminha Muniz Neto. Primitive roots and quadratic residues. In An Excursion through Elementary Mathematics, Volume III: Discrete Mathemat- ics and Polynomial Algebra, pages 283–315. Springer International Publishing, Cham, 2018.
[59] Ebru Celikel Cankaya. Authentication. In Henk C. A. van Tilborg and Sushil Ja- jodia, editors, Encyclopedia of Cryptography and Security, pages 61–62. Springer US, Boston, MA, 2011.
[60] ZhenChuan Chai, ZhenFu Cao, and XiaoLei Dong. Identity-based signature scheme based on quadratic residues. Science in China Series F: Information Sciences, 50(3):373–380, Jun 2007.
[61] Fernando Chamizo and Antonio C´ordoba. One-dimensional crystals and quadratic residues. Journal of Number Theory, 65(1):101–104, 1997.
[62] O-Yeat Chan, Geumlan Choi, Alexandru Zaharescu, and Ru Zaharescu. A multidimensional version of a result of Davenport-Erd¨os. Journal of Integer Sequences, 6(2):3, 2003.
[63] Balaji Chandrasekaran and Ramadoss Balakrishnan. Attribute based encryp- tion using quadratic residue for the big data in cloud environment. In Proceed- 170 Bibliography
ings of the International Conference on Informatics and Analytics, ICIA-16, pages 19:1–19:4, New York, NY, USA, 2016. ACM.
[64] C.C. Chang, J.K Jan, and H. C. Kowng. A digital signature scheme based upon the theory of quadratic residues. Computers and Security, 16(1):55–70, Jan 1997.
[65] Jie Chen, Hoon Wei Lim, San Ling, Huaxiong Wang, and Khoa Nguyen. Re- vocable identity-based encryption from lattices. In Willy Susilo, Yi Mu, and Jennifer Seberry, editors, Information Security and Privacy, pages 390–403, Berlin, Heidelberg, 2012. Springer.
[66] Y. Chen, C. D. Lee, J. J. Wang, and Z. W. Kang. Using hash table and cyclotomic coset method for decoding the quadratic residue code. In 2018 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW), pages 1–5, May 2018.
[67] Yalin Chen, Jue-Sam Chou, and Hung-Min Sun. A novel mutual authentication scheme based on quadratic residues for RFID systems. Computer Networks, 52(12):2373 – 2380, 2008.
[68] Michael Clear, Arthur Hughes, and Hitesh Tewari. Homomorphic encryption with access policies: Characterization and new constructions. In Progress in Cryptology - AFRICACRYPT 2013, 6th International Conference on Cryptology in Africa, Cairo, Egypt, June 22-24, 2013. Proceedings, pages 61–87, 2013.
[69] Michael Clear, Hitesh Tewari, and Ciaran McGoldrick. Anonymous IBE from quadratic residuosity with improved performance. In Progress in Cryptology - AFRICACRYPT 2014 - 7th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 28-30, 2014. Proceedings, pages 377–397, 2014.
[70] Clifford Cocks. Note on “Non-secret encryption”. Published within GCHQ, Nov 1973.
[71] Clifford Cocks. An identity based encryption scheme based on quadratic residues. In Bahram Honary, editor, Proceedings of the 8th IMA International Bibliography 171
Conference on Cryptography and Coding, volume 2260 of Lecture Notes in Com- puter Science, pages 360–363, London, UK, Dec 2001. Springer-Verlag.
[72] Henri Cohen. A Course in Computational Algebraic Number Theory, volume 138 of Graduate texts in mathematics. Springer-Verlag, Berlin, Heidelberg, 1993.
[73] Relevant Security Corp. Real privacy management (RPM). Cryptographic de- scription version 3.2, 2010.
[74] Relevant Security Corp. Real privacy management (RPM). Properties descrip- tion for analysis version 2.1. 2011.
[75] Relevant Security Corp. Real privacy management (RPM). Recommendations, considerations and architectures for initial key establishment (IKE) version. 2011.
[76] Trevor J. Cox and Y. W. Lam. Prediction and evaluation of the scattering from quadratic residue diffusers. The Journal of the Acoustical Society of America, 95(1):297–305, 1994.
[77] Giovanni Di Crescenzo and Vishal Saraswat. Public key encryption with search- able keywords based on Jacobi symbols. In Progress in Cryptology - IN- DOCRYPT 2007, 8th International Conference on Cryptology in India, Chen- nai, India, December 9-13, 2007, Proceedings, pages 282–296, 2007.
[78] Wei Dai, Yarkın Dor¨oz,Yuriy Polyakov, Kurt Rohloff, Hadi Sajjadpour, Erkay Sava¸s,and Berk Sunar. Implementation and evaluation of a lattice-based key- policy ABE scheme. IEEE Transactions on Information Forensics and Security, 13(5):1169–1184, 2018.
[79] Ivan Bjerre Damg˚ard.On the randomness of Legendre and Jacobi sequences. In Shafi Goldwasser, editor, Advances in Cryptology — CRYPTO’ 88, pages 163–172, New York, NY, 1990. Springer New York.
[80] Harold Davenport. On the distribution of quadratic residues (mod p). Journal of the London Mathematical Society, s1-6(1):49–54, 1931. 172 Bibliography
[81] Harold Davenport. On the distribution of l-th power residues ( mod p). Journal of the London Mathematical Society, s1-7(2):117–121, 1932.
[82] Harold Davenport. On the distribution of quadratic residues (mod p). Journal of the London Mathematical Society, s1-8(1):46–52, 1933. second paper.
[83] Harold Davenport and Paul Erd¨os. The distribution of quadratic and higher residues. Publicationes Mathematicae (Debrecen), 2:252–265, 1952.
[84] Hans Delfs and Helmut Knebl. Introduction to Cryptography: Principles and Applications. Information Security and Cryptography. Springer-Verlag, Berlin Heidelberg, second edition, 2007.
[85] Hans Delfs and Helmut Knebl. Public-key cryptography. In Introduction to Cryptography, volume 10.1007/3-540-49244-5 of Information Security and Cryp- tography, pages 33–80. 2015.
[86] Haydar Demirhan and Nihan Bitirim. A simulation study on the accuracy of cryptographic randomness tests. SIMULATION: Transactions of the Society for Modeling and Simulation, 93(12):1113–1122, Aug 2017.
[87] Yuqiao Deng and Ge Song. Proxy re-signature scheme based on quadratic residues. Journal of networks, 6(10):1459–1465, 2011.
[88] Yvo Desmedt and Andrew M. Odlyzko. A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes. In Advances in Cryptology, CRYPTO ’85, pages 516–522, Berlin, Heidelberg, 1986. Springer-Verlag.
[89] Rainer Dietmann, Christian Elsholtz, and Igor E. Shparlinski. On gaps between quadratic non-residues in the Euclidean and Hamming metrics. Indagationes Mathematicae, 24(4):930–938, Nov 2013.
[90] Whitfield Diffie and Martin E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654, 1976.
[91] Lejeune Peter Gustav Dirichlet. There are infinitely many prime numbers in all arithmetic progressions with first term and difference coprime. arXiv e- prints, page arXiv:0808.1408, 2014. Originally published in Abhandlungen der Bibliography 173
K¨oniglich Preussischen Akademie der Wissenschaften von 1837, 45–81. Read to the Academy of Sciences the 27th of July, 1837.
[92] Y. Dodis, M. Prabhakaran, and A. Sahai. On the (im)possibility of cryptography with imperfect randomness. In 45th Annual IEEE Symposium on Foundations of Computer Science, pages 196–205, Oct 2004.
[93] Stan Dolan. 102.03 When quadratic residues are squares. The Mathematical Gazette, 102(553):97–100, 2018.
[94] Danny Dolev, Cynthia Dwork, and Moni Naor. Non-malleable cryptography. In Proceedings of the twenty-third annual ACM symposium on Theory of comput- ing, STOC ’91, pages 542–552, New York, NY, USA, 1991. ACM.
[95] Robin Doss, Saravanan Sundaresan, and Wanlei Zhou. A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems. Ad Hoc Networks, 11(1):383 – 396, 2013.
[96] Robin Doss, Wanlei Zhou, and Shui Yu. Secure RFID tag ownership transfer based on quadratic residues. IEEE Transactions on Information Forensics and Security, 8(2):390–401, Feb 2013.
[97] Constantin C˘at˘alinDr˘aganand Ferucio Laurent¸iu T¸iplea. Efficient key-policy attribute-based encryption for general Boolean circuits from multilinear maps. Preprint on IACR Cryptology ePrint Archive. Report 2014/462, 2014.
[98] Constantin C˘at˘alinDr˘aganand Ferucio Laurentiu T¸iplea. Key-policy attribute- based encryption for general boolean circuits from secret sharing and multi- linear maps. In Enes Pasalic and Lars R. Knudsen, editors, Cryptography and Information Security in the Balkans: Second International Conference, Balkan- CryptSec 2015, Koper, Slovenia, September 3-4, 2015, Revised Selected Papers, pages 112–133. Springer International Publishing, 2016.
[99] L´eoDucas, Vadim Lyubashevsky, and Thomas Prest. Efficient identity-based encryption over NTRU lattices. In Palash Sarkar and Tetsu Iwata, editors, Advances in Cryptology – ASIACRYPT 2014, pages 22–41, Berlin, Heidelberg, 2014. Springer Berlin Heidelberg. 174 Bibliography
[100] M. Dunton. Bounds for pairs of cubic residues. Proceedings of the American Mathematical Society, 16:330–332, 1965.
[101] Chuck Easttom. Modern Cryptography: Applied Mathematics for Encryption and Information Security. McGraw-Hill Education, 2016.
[102] Ibrahim Elashry, Yi Mu, and Willy Susilo. Jhanwar-Baruas identity-based en- cryption revisited. In ManHo Au, Barbara Carminati, and C.-C.Jay Kuo, edi- tors, Network and System Security, volume 8792 of Lecture Notes in Computer Science, pages 271–284. Springer International Publishing, 2014.
[103] Ibrahim Elashry, Yi Mu, and Willy Susilo. A resilient identity-based au- thenticated key exchange protocol. Security and Communication Networks, 8(13):2279–2290, 2015.
[104] Ibrahim F. Elashry, Yi Mu, and Willy Susilo. An efficient variant of Boneh- Gentry-Hamburg’s identity-based encryption without pairing. In Information Security Applications - 15th International Workshop, WISA 2014, Jeju Island, Korea, August 25-27, 2014. Revised Selected Papers, pages 257–268, 2014.
[105] Taher ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):469–472, Sep 2006.
[106] Katherine Ellison and Susan Kim, editors. A Material History of Medieval and Early Modern Ciphers. Routledge, New York, London, 2018.
[107] Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno. Introduction to cryp- tography. In Cryptography Engineering (Design Principles and Practical Appli- cations), volume 10.1002/9781118722367, pages 23–39, 2015.
[108] J. C. Fields. The numbers of sums of quadratic residues and of non-residues respectively taken n at a time and congruent to any given integer to an odd prime modulus p. Journal f¨urdie reine und angewandte Mathematik (Crelles Journal), 1893(112):247–261, 1893.
[109] K. Fujiwara. A study on the sound absorption of a quadratic-residue type diffuser. Acta Acustica united with Acustica, 81(4):370–378, 1995. Bibliography 175
[110] S. Galbraith. Personal communication.
[111] Sanjam Garg, Craig Gentry, and Shai Halevi. Candidate multilinear maps from ideal lattices. In Thomas Johansson and Phong Q. Nguyen, editors, Advances in Cryptology – EUROCRYPT 2013, volume 7881 of Lecture Notes in Computer Science, pages 1–17, Berlin, Heidelberg, 2013. Springer Berlin Heidelberg.
[112] Sanjam Garg, Craig Gentry, Shai Halevi, Amit Sahai, and Brent Waters. Attribute-based encryption for circuits from multilinear maps. In Ran Canetti and Juan A. Garay, editors, Advances in Cryptology – CRYPTO 2013, volume 8043 of Lecture Notes in Computer Science, pages 479–499. Springer Berlin Heidelberg, 2013.
[113] Carl Friedrich Gauß. Untersuchungen ¨uber h¨ohere Arithmetik. EuDML, 1889.
[114] A.O. Gel’fond and Yu.V. Linnik. Elementary methods in the analytic theory of numbers. Pure & Applied Mathematics Monograph. The M. I. T. Press, 1966.
[115] R. Gennaro. Randomness in cryptography. IEEE Security and Privacy, 4:64–67, Mar 2006.
[116] Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of the fortieth annual ACM Symposium on Theory of Computing (STOC), pages 197–206, 2008.
[117] Herbert James Godwin. On the least quadratic non-residue. Mathematical Proceedings of the Cambridge Philosophical Society, 61(3):671–672, 1965.
[118] Oded Goldreich. A note on computational indistinguishability. Information Processing Letters, 34(6):277–281, 1990.
[119] Oded Goldreich. Modern Cryptography, Probabilistic Proofs and Pseudorandom- ness. Algorithms and Combinatorics 17. Springer-Verlag, Berlin Heidelberg, 1 edition, 1999.
[120] Oded Goldreich. Studies in Complexity and Cryptography, volume 6650 of Lec- ture Notes in Computer Science. Springer-Verlag Berlin Heidelberg, 1st edition, 176 Bibliography
2011. In Collaboration with Lidor Avigad, Mihir Bellare, Zvika Brakerski, Shafi Goldwasser, Shai Halevi, Tali Kaufman, Leonid Levin, Noam Nisan, Dana Ron, Madhu Sudan, Luca Trevisan, Salil Vadhan, Avi Wigderson, David Zuckerman.
[121] Shafi Goldwasser. Lecture 3: Cock’s IBE scheme. Course 6.876: Advanced Cryptography, Sep 2004.
[122] Shafi Goldwasser and Silvio Micali. Probabilistic encryption and how to play mental poker keeping secret all partial information. In Proceedings of the 14th Annual ACM Symposium on Theory of Computing, May 5-7, 1982, San Fran- cisco, California, USA, pages 365–377, 1982.
[123] Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Com- puter and System Sciences, 28(2):270–299, 1984.
[124] Sergey Gorbunov, Vinod Vaikuntanathan, and Hoeteck Wee. Attribute-based encryption for circuits. In Dan Boneh, Tim Roughgarden, and Joan Feigenbaum, editors, STOC, pages 545–554. ACM, 2013.
[125] Mokshi Goyal and Madhu Raka. Quadratic residue codes over the ring
m Fp[u]/hu − ui and their gray images. Cryptography and Communications, 10(2):343–355, Mar 2018.
[126] Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS ’06, pages 89–98, New York, NY, USA, 2006. ACM.
[127] Ronald L. Graham. On quadruples of consecutive kth power residues. Proceed- ings of the American Mathematical Society, 15(2):196–197, April 1964.
[128] Bogdan Groza. Broadcast authentication protocol with time synchronization and quadratic residues chain. In Proceedings of the The Second International Conference on Availability, Reliability and Security, ARES 2007, The Interna- tional Dependability Conference - Bridging Theory and Practice, April 10-13 2007, Vienna, Austria, pages 550–557, 2007. Bibliography 177
[129] Jabeom Gu, Sehyun Park, Ohyoung Song, Jaeil Lee, Jaehoon Nah, and Sung- won Sohn. Mobile PKI: A PKI-based authentication framework for the next generation mobile communications. In Rei Safavi-Naini and Jennifer Seberry, editors, Information Security and Privacy, pages 180–191, Berlin, Heidelberg, 2003. Springer Berlin Heidelberg.
[130] T. Aaron Gulliver and Nikolai Senkevitch. On a class of self-dual codes derived from quadratic residues. IEEE Transactions on Information Theory, 45(2):701– 702, 1999.
[131] Y. Guo, Y. Liu, Z. Chen, and C. Huang. Constructions of quantum codes based on quadratic residues. In 2009 Fifth International Conference on Natural Computation, volume 6, pages 514–518, Aug 2009.
[132] N. R. Hardman and J. H. Jordan. The distribution of quadratic residues in fields of order p2. Mathematics Magazine, 42(1):12–17, Apr 1969.
[133] Aboul Ella Hassanien, Nilanjan Dey, and Surekha Borra, editors. Medical Big Data and Internet of Medical Things: Advances, Challenges and Applications. CRC Press, 2018.
[134] Ryotaro Hayashi and Keisuke Tanaka. Universally anonymizable public-key encryption. In Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security, ASIACRYPT ’05, pages 293–312, Berlin, Heidelberg, Dec 2005. Springer-Verlag.
[135] Debiao He, Neeraj Kumar, Naveen Chilamkurti, and Jong-Hyouk Lee. Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. Journal of Medical Systems, 38(10):116, Aug 2014.
[136] R. Heathcote, A. Anderson-Asubonteng, R. J. Clarke, M. P. Selwood, C. Spindloe, and N. Booth. Coded aperture X-ray imaging of high power laser- plasma interactions on the vulcan laser system, 2018.
[137] Jeffrey Hoffstein, Jeffrey Hoffstein, and Joseph H. Silverman. An Introduction to Mathematical Cryptography. Undergraduate Texts in Mathematics. Springer, second edition, 2014. 178 Bibliography
[138] Dennis Hofheinz and Eike Kiltz. The group of signed quadratic residues and applications. In Shai Halevi, editor, Advances in Cryptology - CRYPTO 2009, pages 637–653, Berlin, Heidelberg, 2009. Springer Berlin Heidelberg.
[139] Susan Hohenberger and Brent Waters. Attribute-based encryption with fast decryption. In Kaoru Kurosawa and Goichiro Hanaoka, editors, Public-Key Cryptography – PKC 2013, pages 162–179, Berlin, Heidelberg, 2013. Springer Berlin Heidelberg.
[140] Han-Cheng Hsiang, Hsiang-Chou Kuo, and Wei-Kuan Shih. Security enhance- ment for a novel mutual authentication scheme based on quadratic residues for RFID systems. In The Second International Conference on Future Generation Communication and Networking, FGCN 2008, Volume 2, Workshops, Hainan Island, China, December 13-15, 2008, pages 197–200, 2008.
[141] Peng Hu and Haiying Gao. A key-policy attribute-based encryption scheme for general circuit from bilinear maps. International Journal of Network Security, 19(5):704–710, 2017.
[142] Loo-Keng Hua. On the distribution of quadratic non-residues and the Euclidean algorithm in real quadratic fields. I. Transactions of the American Mathematical Society, 56(3):537–546, Nov 1944.
[143] Loo-Keng Hua and Szu-Hoa Min. On the distribution of quadratic non-residues and the Eucidean algorithm in real quadratic fields. II. Transactions of the American Mathematical Society, 56(3):547–569, Nov 1944.
[144] Jinlan Huang, Pierre E. Dupont, Aditya Undurti, John K. Triedman, and Robin O. Cleveland. Producing diffuse ultrasound reflections from medical in- struments using a quadratic residue diffuser. Ultrasound in Medicine & Biology, 32(5):721–727, 2006.
[145] Richard H. Hudson. On the first occurrence of certain patterns of quadratic residues and non-residues. Israel Journal of Mathematics, 44(1):23–32, Mar 1983. Bibliography 179
[146] W. Cary Huffman. The automorphism groups of the generalized quadratic residue codes. IEEE Transactions of Information Theory, 41(2):378–386, 1995.
[147] W. Cary Huffman and Vera Pless. Fundamentals of error-correcting codes. Cam- bridge University Press, Cambridge, 2003.
[148] Patrick Hummel. On consecutive quadratic non-residues: a conjecture of Issai Schur. Journal of Number Theory, 103(2):257–266, 2003.
[149] Sorin Iftene. Some connections between primitive roots and quadratic non- residues modulo a prime. Preprint on IACR ePrint 2012/470, 2012.
[150] Kenneth Ireland and Michael Rosen. A Classical Introduction to Modern Num- ber Theory. Graduate Texts in Mathematics. Springer-Verlag New York, second edition, 1990.
[151] Malika Izabach`eneand David Pointcheval. New anonymity notions for identity- based encryption. In V´eroniqueCortier, Claude Kirchner, Mitsuhiro Okada, and Hideki Sakurada, editors, Formal to Practical Security: Papers Issued from the 2005-2008 French-Japanese Collaboration, pages 138–157. Springer, Berlin, Heidelberg, 2009.
[152] Ernst Jacobstahl. Anwendungen einer Formel aus der Theorie der quadratischen Reste. PhD thesis, Humboldt-Universit¨atzu Berlin, 1906. Dissertation.
[153] R. Jager, W. A. Mels, A. C. Brinkman, M. Y. Galama, H. Goulooze, J. Heise, P. Lowes, J. M. Muller, A. Naber, A. Rook, R. Schuurhof, J. J. Schuurmans, and G. Wiersma. The wide field cameras onboard the BeppoSAX X-ray astronomy satellite. Astronomy and Astrophysics Supplement Series, 125(3):557–572, 1997.
[154] Mahabir Prasad Jhanwar. Studies on Public Key and Identity-based Crypto- graphic Primitives. PhD thesis, Kolkata, 2010. Thesis under the supervision of Prof. Rana Barua.
[155] Mahabir Prasad Jhanwar and Rana Barua. A variant of Boneh-Gentry- Hamburg’s pairing-free identity based encryption scheme. In Information Se- curity and Cryptology, 4th International Conference, Inscrypt 2008, Beijing, 180 Bibliography
China, December 14-17, 2008, Revised Selected Papers, pages 314–331, Berlin, Heidelberg, 2008. Springer.
[156] Gareth A. Jones. Paley and the Paley graphs. arXiv e-prints, page arXiv:1702.00285, Jan 2017.
[157] Marc Joye. Identity-based cryptosystems and quadratic residuosity. In Proceed- ings, Part I, of the 19th IACR International Conference on Public-Key Cryp- tography — PKC 2016 - Volume 9614, pages 225–254, Berlin, Heidelberg, 2016. Springer-Verlag.
[158] Benjamin Justus. The distribution of quadratic residues and non-residues in arithmetic progressions. Lithuanian Mathematical Journal, 54(2):142–149, Apr 2014.
[159] Benjamin Justus. The distribution of quadratic residues and non-residues in the Goldwasser-Micali type of cryptosystem. Journal of Mathematical Cryptology, 8(2):115–140, Jan 2014.
[160] Benjamin Justus. The distribution of quadratic residues and non-residues in the Goldwasser-Micali type of cryptosystem. II. Journal of Mathematical Cryp- tology, 9(2):115–137, 2015.
[161] David Kahn. The Codebreakers. Scribner, New York, Dec 1996.
[162] Burt Kaliski. Quadratic residue. In Henk C. A. van Tilborg and Sushil Jajodia, editors, Encyclopedia of Cryptography and Security, pages 1003–1003. Springer US, Boston, MA, 2011.
[163] Bhavana Rukmini Kanukurthi. Cryptography with Imperfect Randomness. PhD thesis, Boston, MA, USA, 2011. Advisor: Leonid Reyzin.
[164] Anatolii A. Karatsuba. The distribution of pairs of quadratic residues and non- residues of a special form. Mathematics of the USSR-Izvestiya, 31(2):307–323, Apr 1988. Bibliography 181
[165] Jonathan Katz and Yehuda Lindell. Introduction to Modern Cryptography. Cryptography and Network Security. CRC Press, Boca Raton, London, New York, second edition, 2015.
[166] Jonathan Katz, Amit Sahai, and Brent Waters. Predicate encryption support- ing disjunctions, polynomial equations, and inner products. In Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings, pages 146–162, 2008.
[167] John B. Kelly. A characteristic property of quadratic residues. Proceedings of the American Mathematical Society, 5(1):38–38, Jan 1954.
[168] Mizan R. Khan and Richard Magner. An application of modular hyperbolas to quadratic residues. American Mathematical Monthly, 122(03):272–274, Mar 2015.
[169] David S. Knight. On calculating square roots in GF (p). arXiv e-prints, page arXiv:1309.2831, Sep 2013.
[170] Neal Koblitz. A Course in Number Theory and Cryptography. Graduate Texts in Mathematics. Springer New York, Berlin, Heidelberg, second edition, 1994.
[171] Sergei V. Konyagin and Igor E. Shparlinski. Quadratic non-residues in short intervals. Proceedings of the American Mathematical Society, 143(10):4261– 4269, Mar 2015.
[172] Namhun Koo, Gook Hwa Cho, and Soonhak Kwon. Square root algorithm in
s s+1 Fq for q = 2 + 1(mod 2 ). Preprint on IACR Cryptology ePrint Archive. Report 2013/087, 2013.
[173] Takeshi Koshiba. A new aspect for security notions: Secure randomness in public-key encryption schemes. In Public Key Cryptography, 4th International Workshop on Practice and Theory in Public Key Cryptography, PKC 2001, Cheju Island, Korea, February 13-15, 2001. Proceedings, pages 87–103, 2001.
[174] P¨arKurlberg. The distribution of spacings between quadratic residues, II. Israel Journal of Mathematics, 120(1):205–224, Dec 2000. 182 Bibliography
[175] P¨arKurlberg and Ze´evRudnick. The distribution of spacings between quadratic residues. Duke Mathematical Journal, 100(2):211–242, Nov 1999.
[176] Youness Lamzouri, Xiannan Li, and Kannan Soundararajan. Conditional bounds for the least quadratic non-residue and related problems. Mathematics of Computation, 84(295):2391–2412, 2015.
[177] Youness Lamzouri, Xiannan Li, and Kannan Soundararajan. Corrigendum to “Conditional bounds for the least quadratic non-residue and related problems”. Mathematics of Computation, 86(307):2551–2554, 2017.
[178] Tanja Lange and Rainer Steinwandt. Post-Quantum Cryptography, volume 10786 of Lecture Notes in Computer Science. Springer International Publishing, 1st edition, 2018.
[179] Rio LaVigne. Simple homomorphisms of Cocks IBE and applications. Preprint on IACR Cryptology ePrint Archive. Report 2016/1150, 2016.
[180] Taewoong Lee, Sung-Woo Kwak, and Wonho Lee. Investigation of nuclear ma- terial using a compact modified uniformly redundant array gamma camera. Nuclear Engineering and Technology, 50(6):923 – 928, 2018.
[181] Derrick Norman Lehmer. Certain theorems in the theory of quadratic residues. American Mathematical Monthly, 20(5):151–157, May 1913.
[182] Derrick Norman Lehmer. On a problem of Størmer. Illinois Journal of Mathe- matics, 8(1):57–79, Mar 1964.
[183] Derrick Norman Lehmer and Emma Lehmer. On runs of residues. Proceedings of the American Mathematical Society, 13(1):102–106, 1962.
[184] Derrick Norman Lehmer, Emma Lehmer, and W. H. Mills. Pairs of consecutive power residues. Canadian Journal of Mathematics, 15:172–177, 1963.
[185] Derrick Norman Lehmer, Emma Lehmer, W. H. Mills, and J. L. Selfridge. Ma- chine proof of a theorem on cubic residues. volume 16, pages 407–415. American Mathematical Society, 1962. Bibliography 183
[186] Chun-Ta Li, Chi-Yao Weng, Cheng-Chi Lee, and Chun-Cheng Wang. Secure user authentication and user anonymity scheme based on quadratic residues for the integrated EPRIS. In Procedia Computer Science. The 6th International Conference on Ambient Systems, Networks and Technologies (ANT-2015), the 5th International Conference on Sustainable Energy Information Technology (SEIT-2015), volume 52, pages 21 – 28, 2015.
[187] Jiguo Li, Yuerong Shi, and Yichen Zhang. Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage. International Jour- nal of Communication Systems, 30(1):e2942. IJCS-14-0467.R1.
[188] Chen-Xu Liu, Yun Liu, Zhen-Jiang Zhang, and Zi-Yao Cheng. The novel au- thentication scheme based on theory of quadratic residues for wireless sensor networks. International Journal of Distributed Sensor Networks, 9(3), 2013.
[189] Huaning Liu. New pseudorandom sequences constructed by quadratic residues and Lehmer numbers. Proceedings of the American Mathematical Society, 135(5):1309–1318, May 2007.
[190] Huaning Liu. Mean value of some exponential sums and applications to Kloost- erman sums. Journal of Mathematical Analysis and Applications, 361(1):205 – 223, 2010.
[191] Huaning Liu. On the mean values of Dirichlet L-functions. Journal of Number Theory, 147:172 – 183, 2015.
[192] Huaning Liu and Cundian Yang. On a problem of D.H. Lehmer and pseudo- random binary sequences. Bulletin of the Brazilian Mathematical Society, New Series, 39(3):387–399, Sep 2008.
[193] Yuan Liu, Licheng Wang, Lixiang Li, and Xixi Yan. Secure and efficient multi- authority attribute-based encryption scheme from lattices. IEEE Access, 2018.
[194] St´ephaneR. Louboutin, Jo´elRivat, and Andr´asS´ark¨ozy. On a problem of D. H. Lehmer. Proceedings of the American Mathematical Society, 135(4):969–975, 2007. 184 Bibliography
[195] Philip D. MacKenzie, Michael K. Reiter, and Ke Yang. Alternatives to non- malleability: Definitions, constructions, and applications (extended abstract). In Theory of Cryptography, First Theory of Cryptography Conference, TCC 2004, Cambridge, MA, USA, February 19-21, 2004, Proceedings, pages 171– 190, 2004.
[196] Christian Mauduit and Andr´asS´ark¨ozy. On finite pseudorandom binary se- quences I: Measure of pseudorandomness, the Legendre symbol. Acta Arith- metica, 82(4):365–377, 1997.
[197] Emory McClintock. On the nature and use of the functions employed in the recognition of quadratic residues. Transactions of the American Mathematical Society, 3(1):92–109, Apr 1902.
[198] J. McDonnell. On quadratic residues. Transactions of the American Mathemat- ical Society, 14(4):477–, Oct 1913.
[199] Paul McGough. Real privacy management authentication system, Jul 31, 2008. US Patent 2008/0184031 A1, Centreville, VA, (US).
[200] Paul McGough. Real privacy management authentication system, Mar 1, 2011. US Patent 2011/7899185 B2, Centreville, VA, (US).
[201] Dieter van Melkebeek. Randomness and Completeness in Computational Com- plexity, volume 1950 of Lecture Notes in Computer Science. Springer-Verlag Berlin Heidelberg, 1st edition, 2000.
[202] Lauren De Meyer and Beg¨ulBilgin. Classification of balanced quadratic func- tions. The 3rd International Workshop on Boolean Functions and their Appli- cations (BFA), Loen, NOR, 2018.
[203] Kyung-Min Kim Mohammad Ubaidillah, Jin-Hyun Kim. Effect of quadratic residue diffuser (QRD) microwave energy on root-lesion nematode, Prathlenchus penetrans. African Journal of Biotechnology, 12(18):2471–2477, 2013.
[204] M.R. Monazzam and Y.W. Lam. Performance of profiled single noise barriers covered with quadratic residue diffusers. Applied Acoustics, 66(6):709 – 730, 2005. Bibliography 185
[205] M.R. Monazzam and Y.W. Lam. Performance of t-shape barriers with top surface covered with absorptive quadratic residue diffusers. Applied Acoustics, 69(2):93 – 109, 2008.
[206] Jean Monnerat and Serge Vaudenay. Undeniable signatures based on charac- ters: How to sign with one bit. In Public Key Cryptography - PKC 2004, 7th International Workshop on Theory and Practice in Public Key Cryptography, Singapore, March 1-4, 2004, pages 69–85, 2004.
[207] Leo Moser. A theorem on quadratic residues. Proceedings of the American Mathematical Society, 2(3):503–504, Jun 1951.
[208] Siguna M¨uller. On the computation of square roots in finite fields. Designs, Codes and Cryptography, 31(3):301–312, 2004.
[209] V. N. Muralidhara and Sandeep Sen. A result on the distribution of quadratic residues with applications to elliptic curve cryptography. In Progress in Cryptol- ogy - INDOCRYPT 2007, 8th International Conference on Cryptology in India, Chennai, India, December 9-13, 2007. Proceedings, pages 48–57, Berlin, Heidel- berg, 2007. Springer.
[210] M. Naor and M. Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In Proceedings of the twenty-second annual ACM symposium on Theory of computing, STOC ’90, pages 427–437, New York, NY, USA, 1990. ACM.
[211] M. Narasimha, K. Shenoi, and A. Peterson. Quadratic residues: Application to chirp filters and discrete fourier transforms. volume 1, pages 376–378, 1976.
[212] Melvyn B. Nathanson. Elementary Methods in Number Theory. Springer, New York, 2000.
[213] Anca-Maria Nica. Continuous mutual authentication and data security. In- ternational Journal of Computer Science and Information Security (IJCSIS), 17(2), Feb 2019.
[214] Anca-Maria Nica and Ferucio Laurent¸iu T¸iplea. On anonymization of Cocks identity-based encryption scheme. In Proceedings of the 5th Conference on 186 Bibliography
Mathematical Foundations of Informatics, MFOI 2019, pages 75 – 85, Ia¸si, Romˆania,2019. Editura Universit˘at¸ii Alexandru Ioan Cuza of Ia¸si.
[215] Anca-Maria Nica and Ferucio Laurent¸iu T¸iplea. On anonymization of Cocks’ identity-based encryption scheme. The Computer Science Journal of Moldova, 27(3):283–298, 2019. (Extended version of the conference paper).
[216] Auguste Kerckhoffs von Nieuwenhof. La cryptographie militaire. Journal des sciences militaires, IX:5 – 38, Jan 1883.
[217] Nozomu Nishihara, Ryuichi Harasawa, Yutaka Sueyoshi, and Aichi Kudo. A remark on the computation of cube roots in finite fields. Preprint on IACR Cryptology ePrint Archive. Report 2009/457, 2009.
[218] David Nowak and Yu Zhang. A calculus for game-based security proofs. In Proceedings of the 4th International Conference on Provable Security, ProvSec ’10, pages 35–52, Berlin, Heidelberg, 2010. Springer-Verlag.
[219] Rafail Ostrovsky, Amit Sahai, and Brent Waters. Attribute-based encryption with non-monotonic access structures. In ACM Conference on Computer and Communications Security, pages 195–203. ACM, 2007.
[220] Marius Overholt. A Course in Analytic Number Theory. Graduate Studies in Mathematics. American Mathematical Society, Providence, Rhode Island, 2014.
[221] P. Pepin. Etude´ sur la th´eoriedes r´esiduscubiques. Journal de math´ematiques pures et appliqu´ees 3e s´erie, 2:313 – 324, 1876.
[222] Ren´ePeralta. On the distribution of quadratic residues and non-residues modulo a prime number. Mathematics of Computation, 58:433–440, Jan 1992.
[223] Oskar Perron. Bemerkungen ¨uber die Verteilung der quadratischen Reste. Math- ematische Zeitschrift, 56:122–130, 1952.
[224] Vera Pless. Power moment identities on weight distributions in error correcting codes. Information and Control, 6:147–152, 1963.
[225] Vera Pless. Introduction to the Theory of Error-Correcting Codes. John Wiley and Sons, 3 edition, 1998. Bibliography 187
[226] G. P´olya. Uber¨ die Verteilung der quadratischen Reste und Nichtreste. Nachrichten von der Gesellschaft der Wissenschaften zu G¨ottingen, Mathematisch-Physikalische Klasse, 1918:21–29, 1918.
[227] C˘alinPopescu and O. P. Lossers. Comparing a sum over quadratic residues and non-residues. American Mathematical Monthly, 108(4):376–377, Apr 2001.
[228] T. A. Preobrazhenskaya. An estimate for the number of consecutive quadratic residues. Moscow University Mathematics Bulletin, 64(1):24–28, Feb 2009.
[229] Nikolai Vital’evich Proskurin. A theorem on the distribution of quadratic residues having applications in the ergodic method of Yu. V. Linnik. Journal of Mathematical Sciences, 11(2):337–346, Feb 1979.
[230] Lev Davidovich Pustyl’nikov. The distribution of quadratic residues and non- residues and a dynamical system. Russian Mathematical Surveys, 48(1):185–186, Feb 1993.
[231] Lev Davidovich Pustyl’nikov. Infinite-dimensional generalized continued frac- tions, quadratic residues and non-residues, and ergodic theory. Russian Math- ematical Surveys, 52(2):420–421, Apr 1997.
[232] Lev Davidovich Pustyl’nikov. Infinite-dimensional generalized continued frac- tions, distribution of quadratic residues and non-residues, and ergodic the- ory. Infinite Dimensional Analysis, Quantum Probability and Related Topics, 5(4):555–570, Dec 2002.
[233] Weidong Qiu and Kefei Chen. Identity oriented signature scheme based on quadratic residues. Applied Mathematics and Computation, 168(1):235–242, 2005.
[234] Michael O. Rabin. Digitalized signatures and public-key functions as intractable as factorization. Technical report, Massachusetts Institute of Technology, Cam- bridge, MA, USA, Jan 1979.
[235] John R. Rabung and James Henry Jordan. Consecutive power residues or non- residues. Mathematics of Computation, 24(111):737–740, 1970. 188 Bibliography
[236] Charles Rackoff and Daniel R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’91, pages 433–444, London, UK, 1992. Springer-Verlag.
[237] Charles E. Radke. The use of quadratic residue research. Communications of the ACM, 13(2):103–105, Feb 1970.
[238] K. Deergha Rao, K. Praveen Kumar, and P. V. Murali Krishna. A new and secure cryptosystem for image encryption and decryption. IETE Journal of Research, 57(2):165–171, 2011.
[239] Brian D. Ripley. Thoughts on pseudorandom number generators. Journal of Computational and Applied Mathematics, 31(1):153–163, Jul 1990.
[240] Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for ob- taining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126, 1978.
[241] Everett M. Rogers. Diffusion of Innovations. Free Press, 5th edition, 2003.
[242] Robert Rolland. Randomness in Cryptography, pages 451–459. Springer Inter- national Publishing, Cham, 2015.
[243] Armand S¸tefan Rotaru and Sorin Iftene. A complete generalization of Atkin’s square root algorithm. Fundamental Journals, 125(1):71–94, 2013.
[244] Frank Rubin. Message authentication using quadratic residues. Cryptologia, 19(4):397–404, Oct 1995.
[245] Peter Y. A. Ryan, David Naccache, and Jean-Jacques Quisquater, editors. The New Codebreakers: Essays Dedicated to David Kahn on the Occasion of His 85th Birthday. Lecture Notes in Computer Science 9100. Springer-Verlag Berlin Heidelberg, 1 edition, 2016.
[246] Amit Sahai and Brent Waters. Fuzzy identity-based encryption. In Proceed- ings of the 24th Annual International Conference on Theory and Applications Bibliography 189
of Cryptographic Techniques, EUROCRYPT ’05, pages 457–473, Berlin, Heidel- berg, 2005. Springer-Verlag.
[247] R. Sakai, K. Ohgishi, and M. Kasahara. Cryptosystems based on pairing. 2000 Symposium on Cryptography and Information Security - C20, pages 26–28, Jan 2000.
[248] Heidrun Sarges and Werner Schaal. Least quadratic non-residues in algebraic number fields. Journal of Number Theory, 15(2):275–281, 1982.
[249] Andr´asS´ark¨ozyand C.L. Stewart. On pseudorandomness in families of se- quences derived from the Legendre symbol. Periodica Mathematica Hungarica, 54(2):163–173, Jun 2007.
[250] Adrian G. Schipor. On the security of Jhanwar-Barua identity-based encryption scheme, 2018.
[251] Gheorghe A. Schipor. On the anonymization of Cocks IBE scheme. In Cryptog- raphy and Information Security in the Balkans - First International Conference, Istanbul, Turkey, October 16-17, 2014, Revised Selected Papers, BalkanCrypt- Sec 2014, pages 194–202, 2014.
[252] Nicollas M. Sdroievski, Murilo V. G. da Silva, and Andr´eLu´ısVignatti. An indexing for quadratic residues modulo N and a non-uniform efficient decoding algorithm. CoRR, abs/1805.04731, 2018.
[253] George Te¸seleanu, Ferucio Laurent¸iu T¸iplea, Sorin Iftene, and Anca-Maria Nica. Boneh-Gentry-Hamburg’s identity-based encryption schemes revisited. In Proceedings of the Conference on Mathematical Foundations of Informatics MFOI2019, July 3-6, 2019, Iasi, Romania, pages 45 – 58, 2019. An extended version will appear in IET Information Security (under review).
[254] Rocco A. Servedio and Li-Yang Tan. Improved pseudorandom generators from pseudorandom multi-switching lemmas. CoRR, abs/1801.03590, 2018.
[255] Daniel Shanks. Quadratic residues and the distribution of primes. Mathematical Tables and Other Aids to Computation, 13(68):272–284, Oct 1959. 190 Bibliography
[256] Daniel Shanks. Five number-theoretic algorithms. In Proceedings of the Sec- ond Manitoba Conference on Numerical Mathematics (Univ. Manitoba, Win- nipeg, Man., 1972), pages 51—70. Congressus Numerantium, No. VII, Win- nipeg, Man., 1973. Utilitas Math.
[257] Claude E. Shannon. Communication theory of secrecy systems. Bell System Technical Journal, 28:656–715, 1949.
[258] Elaine Shi, John Bethencourt, Hubert T.-H. Chan, Dawn Xiaodong Song, and Adrian Perrig. Multi-dimensional range query over encrypted data. In 2007 IEEE Symposium on Security and Privacy (S&P 2007), 20-23 May 2007, Oak- land, California, USA, pages 350–364, 2007.
[259] Victor Shoup. Sequences of games: A tool for taming complexity in security proofs. Preprint on IACR Cryptology ePrint Archive. Report 2004/332, 2004.
[260] Victor Shoup. A Computational Introduction to Number Theory and Algebra. Cambridge University Press, New York, NY, USA, 2005.
[261] Victor Shoup. A Computational Introduction to Number Theory and Algebra. Cambridge University Press, New York, NY, USA, 2nd edition, 2009.
[262] Gustavus J. Simmons. How to (really) share a secret. In Shafi Goldwasser, editor, Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology (CRYPT ’88), volume 403 of Lecture Notes in Computer Science, pages 390–448. Springer, 1988.
[263] Simon Singh. The code book. Delacorte Press, New York, 2002.
[264] Michael Sipser. Introduction to the Theory of Computation. Course Technology, Boston, MA, 3rd edition, 2013.
[265] Z. Sohrabi-Bonab, M. R. Alagheband, and M. R. Aref. Traceability analysis of quadratic residue-based RFID authentication protocols. In 2013 Eleventh Annual Conference on Privacy, Security and Trust, pages 61–68, Jul 2013.
[266] D.R. Stinson. Cryptography: Theory and Practice. Chapman and Hall/CRC, 3rd edition, 2005. Bibliography 191
[267] He Sun. Lecture 7 - Pseudorandom generators (I). Max-Planck-Institute for Informatics, 2010.
[268] Saravanan Sundaresan, Robin Doss, and Wanlei Zhou. A secure search pro- tocol based on quadratic residues for EPC class-1 gen-2 UHF RFID tags. In Proceedings of the 23rd International Symposium on Personal, Indoor and Mo- bile Radio Communications - Sydney, Australia, September 9-12, 2012, IEEE PIMRC, pages 30–35, 2012.
[269] K.J Tan and H.W Zhu. A conference key distribution scheme based on the theory of quadratic residues. Computer Communications, 22(8):735–738, 1999.
[270] Yoshihiro Tanada and Kiminori Sato. Long Huffman sequences derived from even functional quadratic residues. In The Sixth International Workshop on Signal Design and Its Applications in Communications, IEEE IWSDA, pages 56–59, 2013.
[271] V. E. Tarakanov. An application of the Gauss lemma to the study of pseudoran- dom sequences based on quadratic residues. Mathematical Notes, 73(3-4):562– 570, Mar 2003.
[272] Tamir Tassa. Hierarchical threshold secret sharing. Journal of Cryptology, 20(2):237–264, 2007.
[273] Tamir Tassa. Generalized oblivious transfer by secret sharing. Designs, Codes Cryptography, 58(1):11–21, 2011.
[274] Tamir Tassa and N. Dyn. Multipartite secret sharing by bivariate interpolation. Journal of Cryptology, 22(2):227–258, 2008.
[275] Telcordia. Cryptography assesment of RS corps Real Privacy Management (RPM) System. Extended summary. Apr 2011.
[276] Henk C. A. Van Tilborg. Fundamentals of Cryptology: A Professional Reference and Interactive Tutorial. Kluwer Academic Publishers, Norwell, MA, USA, 1st edition, 1999. 192 Bibliography
[277] Ferucio Laurent¸iu T¸iplea and Constantin C˘at˘alinDr˘agan.Key-policy attribute- based encryption for boolean circuits from bilinear maps. Preprint on IACR Cryptology ePrint Archive. Report 2014/608, 2014.
[278] Ferucio Laurent¸iu T¸iplea, Constantin C˘at˘alinDr˘agan, and Anca-Maria Nica. Key-policy attribute-based encryption from bilinear maps. In Innovative Secu- rity Solutions for Information Technology and Communications - 10th Interna- tional Conference, SecITC 2017, Bucharest, Romania, June 8-9, 2017, Revised Selected Papers, pages 28–42, 2017.
[279] Ferucio Laurent¸iu T¸iplea, Sorin Iftene, George Te¸seleanu, and Anca-Maria Nica. Security of identity-based encryption schemes from quadratic residues. In In- novative Security Solutions for Information Technology and Communications - 9th International Conference, SECITC 2016, Bucharest, Romania, June 9-10, 2016, Revised Selected Papers, pages 63–77, 2016.
[280] Ferucio Laurent¸iu T¸iplea and Emil Simion. New results on identity-based encryption from quadratic residuosity. Preprint on IACR Cryptology ePrint Archive. Report 2015/900, 2015.
[281] Ferucio Laurent¸iu T¸iplea, Sorin Iftene, George Te¸seleanu, and Anca-Maria Nica. On the distribution of quadratic residues and non-residues modulo composite integers and applications to cryptography. Applied Mathematics and Computa- tion, 372, 2020.
[282] A. Tonelli. Sulla risoluzione della congruenza x2 = c (mod p2). Atti della Reale Accademia dei Lincei. Rendiconti, 1(1):116–120, 1892.
[283] Luca Trevisan. Extractors and pseudorandom generators. Journal of the ACM, 48(4):860–879, Jul 2001.
[284] Takagi Tsuyoshi, Biehl Ingrid, and Paulus Sachar. Undeniable digital signature scheme based on quadratic field, December 13, 2005. US Patent 2005/6976169 B1. Bibliography 193
[285] Brigitte Vall´ee. Provably fast integer factoring with quasi-uniform small quadratic residues. In Proceedings of the 21st annual ACM symposium - Seattle, Washington, United States, May 14-17, 1989, pages 98–106. ACM Press, 1989.
[286] R. Z. Vause. On the distribution of the Jacobian symbols. Journal of the Elisha Mitchell Scientific Society, 72(1):15–24, 1956.
[287] G. S. Vernam. Cipher printing telegraph systems for secret wire and radio telegraphic communications. Journal American Institute of Electrical Engineers, 45(2):109–115, Feb 1926.
[288] Ivan Matveevich Vinogradov. Sur la distribution des r´esiduset des non-r´esidus des puissances. J. Phys.-Math. Soc. Perm., 1(1):94–98, 1918.
[289] Ivan Matveevich Vinogradov. Sur la distribution des r´esiduset des non-r´esidus des puissances. J. Phys.-Math. Soc. Perm., 1(1):1–16, 1918.
[290] Ivan Matveevich Vinogradov. On a general theorem concerning the distribu- tion of the residues and non-residues of powers. Transactions of the American Mathematical Society, 29(1):209–217, 1927.
[291] Ivan Matveevich Vinogradov. On the bound of the least non-residue of nth powers. Transactions of the American Mathematical Society, 29(1):218–226, 1927.
[292] Herbert Walum. A recurrent pattern in the list of quadratic residues mod a prime and in the values of the Liouville λ function. Journal of Number Theory, 12(1):53–56, 1980.
[293] Herbert Walum. On the distribution of quadratic residues modulo a prime. Journal of Number Theory, 15(2):248–251, 1982.
[294] Yodai Watanabe, Junji Shikata, and Hideki Imai. Equivalence between semantic security and indistinguishability against chosen ciphertext attacks. In Public Key Cryptography - PKC 2003, 6th International Workshop on Theory and Practice in Public Key Cryptography, Miami, FL, USA, January 6-8, 2003, Proceedings, PKC ’03, pages 71–84, London, UK, 2003. Springer-Verlag. 194 Bibliography
[295] Andr´eWeil. On some exponential sums. Proceedings of the National Academy of Sciences, 34(5):204–207, 1948.
[296] Fengtong Wen. A more secure anonymous user authentication scheme for the integrated EPR information system. Journal of Medical Systems, 38(5):42, Apr 2014.
[297] Albert Leon Whiteman. Theorems on quadratic residues. Mathematics Maga- zine, 23(2):71–74, Nov-Dec 1949.
[298] K. S. Williams. Quadratic polynomials with the same residues. American Mathematical Monthly, 75(9):969–973, Nov 1968.
[299] Steve Wright. Patterns of quadratic residues and non-residues for infinitely many primes. Journal of Number Theory, 123(1):120–132, 2007.
[300] Steve Wright. Quadratic residues and the combinatorics of sign multiplication. Journal of Number Theory, 128(4):918–925, 2008.
[301] Steve Wright. Quadratic Residues and Non-Residues: Selected Topics. Springer, Rochester, Michigan, 48309, U.S.A., 2016.
[302] Ping Xi. Quadratic residues and non-residues for infinitely many Piatetski- Shapiro primes. Acta Mathematica Sinica, English Series, 29(3):515–522, Mar 2013.
[303] Y. Xie, J. Yuan, and Q. T. Sun. Design of quantum LDPC codes from quadratic residue sets. IEEE Transactions on Communications, 66(9):3721–3735, Sep 2018.
[304] Tzu-Chang Yeh, Chien-Hung Wu, and Yuh-Min Tseng. Improvement of the RFID authentication scheme based on quadratic residues. Computer Commu- nications, 34(3):337 – 341, 2011. Special Issue of Computer Communications on Information and Future Communication Security.
[305] Moti Yung, Peng Liu, and Dongdai Lin, editors. Information Security and Cryptology, 4th International Conference, Inscrypt 2008, Beijing, China, De- Bibliography 195
cember 14-17, 2008, Revised Selected Papers, volume 5487 of Lecture Notes in Computer Science. Springer, 2009.
[306] Wenpeng Zhang. On a problem of D. H. Lehmer and its generalization. Com- positio Mathematica, 86:307–316, 1993.
[307] Wenpeng Zhang. A problem of D. H. Lehmer and its generalization (II). Com- positio Mathematica, 91(1):47–56, 1994.
[308] Wenpeng Zhang. On a problem of D. H. Lehmer and Kloosterman sums. Monat- shefte f¨urMathematik, 139(3):247–257, Jul 2003.
[309] Wenpeng Zhang. On the mean value of L-functions with the weight of character sums. Journal of Number Theory, 128(8):2459 – 2466, 2008.
[310] Jingxian Zhou. A quadratic residue-based lightweight RFID mutual authenti- cation protocol with constant-time identification. Journal of Communications, 10(2):117–123, Feb 2015.
[311] Zhiping Zhou, Ping Wang, and Zhicong Li. A quadratic residue-based RFID authentication protocol with enhanced security for TMIS. Journal of Ambient Intelligence and Humanized Computing, pages 1–16, Oct 2018.
[312] Ryszard Zieliski. An aperiodic pseudorandom number generator. Journal of Computational and Applied Mathematics, 31(1):205 – 210, 1990.