Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.

Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.

Abstract: A method for signing and subsequently verifying a digital message, including the following steps: generating an irreducible monic polynomial f(x) of degree n in a ring Fq[x]; generating an irreducible monic polynomial F(y) of degree n in a ring Fq[y]; producing first and second finite fields as Fq[x]/(f(x)) and Fq[y]/(F(y)), respectively; producing a secret isomorphism from the first finite field to the second finite field; producing and publishing a public key that depends on F(y); producing a private key that depends on the secret isomorphism; producing a message digest by applying a hash function to the digital message and the public key; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key.

Abstract: Systems, methods, and computer-readable storage devices storing instructions for homomorphic encryption via finite ring isomorphisms are provided. An example method includes selecting a polynomial f(x) of exact degree n with small coefficients in a ring Fq[x] and selecting a polynomial h(y) of exact degree n in a ring Fq[y]. The method includes constructing an isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and constructing an inverse isomorphism from the ring Fq[y]/(h(y)) to the ring Fq[x]/(f(x)). The method includes encrypting a message using said isomorphism from the ring Fq[x]/(f(x)) to the ring Fq[y]/(h(y)) and transmitting the encrypted message to a remote computer. The method also includes receiving one or more encrypted response messages from the remote computer based at least in part on the transmitted message and decrypting the one or more encrypted response messages.

Abstract: A method for signing and subsequently verifying a digital message, including the following steps: generating an irreducible monic polynomial f(x) of degree n in a ring Fq[x]; generating an irreducible monic polynomial F(y) of degree n in a ring Fq[y]; producing first and second finite fields as Fq[x]/(f(x)) and Fq[y]/(F(y)), respectively; producing a secret isomorphism from the first finite field to the second finite field; producing and publishing a public key that depends on F(y); producing a private key that depends on the secret isomorphism; producing a message digest by applying a hash function to the digital message and the public key; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key.

Abstract: A method for signing and subsequently verifying a digital message, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q and a relatively smaller integer p that is coprime with q; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a message digest by applying a hash function to the digital message; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key to determine whether the signature is valid.

Abstract: A method for signing a digital message, including the following steps: selecting parameters that include first and second primes, a ring of polynomials related to the primes, and at least one range-defining integer; deriving private and public keys respectively related to a random polynomial private key of the ring of polynomials, and to evaluations of roots of unity of the random polynomial to obtain a public key set of integers; storing the private key and publishing the public key; signing the digital message by: (A) generating a noise polynomial, (B) deriving a candidate signature by obtaining a hash of the digital message and the public key evaluated at the noise polynomial, and determining the candidate signature using the private key, a polynomial derived from the hash, and the noise polynomial, (C) determining whether the coefficients of the candidate signature are in a predetermined range dependent on the at least one range-defining integer, and (D) repeating steps (A) through (C) until the criterion

Abstract: A method for signing and subsequently verifying a digital message, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q and a relatively smaller integer p that is coprime with q; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a message digest by applying a hash function to the digital message; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key to determine whether the signature is valid.

Abstract: A method for signing a digital message, including the following steps: selecting parameters that include first and second primes, a ring of polynomials related to the primes, and at least one range-defining integer; deriving private and public keys respectively related to a random polynomial private key of the ring of polynomials, and to evaluations of roots of unity of the random polynomial to obtain a public key set of integers; storing the private key and publishing the public key; signing the digital message by: (A) generating a noise polynomial, (B) deriving a candidate signature by obtaining a hash of the digital message and the public key evaluated at the noise polynomial, and determining the candidate signature using the private key, a polynomial derived from the hash, and the noise polynomial, (C) determining whether the coefficients of the candidate signature are in a predetermined range dependent on the at least one range-defining integer, and (D) repeating steps (A) through (C) until the criterion

Abstract: A signing technique of a disclosed identification/digital signature method hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring, while a disclosed verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties. In an embodiment of the identification/digital signature scheme hereof that employs a quotient ring of polynomials, the security also relies on the experimentally observed fact that for most lattices, it is very difficult to find a vector whose length is only a little bit longer than the shortest vector, and it is also difficult to find a lattice vector that is quite close to a randomly chosen nonlattice vector.

Abstract: A signing technique of a disclosed identification/digital signature method hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring, while a disclosed verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties. In an embodiment of the identification/digital signature scheme hereof that employs a quotient ring of polynomials, the security also relies on the experimentally observed fact that for most lattices, it is very difficult to find a vector whose length is only a little bit longer than the shortest vector, and it is also difficult to find a lattice vector that is quite close to a randomly chosen nonlattice vector.

Abstract: A method, system and apparatus for performing user identification, digital signatures and other secure communication functions in which keys are chosen essentially at random from a large set of vectors and key lengths are comparable to the key lengths in other common identification and digital signature schemes at comparable security levels. The signing technique of an embodiment of the identification/digital signature scheme hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring; while the verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties.

Abstract: A method for performing a cryptographic operation involving transforming digital information is described. A digital operator is provided that has a component selected from a large set of elements. The component is expanded into a plurality of factors, each factor having a low Hamming weight. Digital information is transformed using the digital operator. Computer readable medium embody instructions for the method.

Abstract: A method for authenticating, by a second user, the identity of a first user, that includes a challenge communication from the second user to the first user, a response communication from the first user to the second user, and a verification by the second user, includes the steps: selection by the first user of a private key f in a ring R and a public key that includes ?(f) in a ring B that is mapped from f using the ring homomorphism ?: R?B, and publication by the first user of the public key; generation of the challenge communication by the second user that includes selection of a challenge c in the ring R; generation of the response communication by the first user that includes computation of a response comprising h in the ring R, where h is a function of c and f; and performing of a verification by the second user that includes determination of ?(c) from c, ?(h) from h, and an evaluation that depends on ?(h), ?(c) and ?(f).

Abstract: A method, system and apparatus for performing user identification, digital signatures and other secure communication functions in which keys are chosen essentially at random from a large set of vectors and key lengths are comparable to the key lengths in other common identification and digital signature schemes at comparable security levels. The signing technique of an embodiment of the identification/digital signature scheme hereof uses a mixing system based on multiplication in a ring and reduction modulo an ideal q in that ring; while the verification technique uses special properties of products of elements whose validity depends on elementary probability theory. The security of the identification/digital signature scheme comes from the interaction of reduction modulo q and the difficulty of forming products with special properties.

Abstract: Methods, systems and computer readable media for signing and verifying a digital message m are described. First, ideals p and q of a ring R are selected. Elements f and g of the ring R are generated, followed by generating an element F, which is an inverse of f, in the ring R. A public key h is produced, where h is equal to a product that can be calculated using g and F. Then, a private key that includes f is produced. A digital signature s is signed to the message m using the private key. The digital signature is verified by confirming one or more specified conditions using the message m and the public key h. A second user also can authenticate the identity of a first user. A challenge communication that includes selection of a challenge m in the ring R is generated by the second user. A response communication that includes computation of a response s in the ring R, where s is a function of m and f, is generated by the first user.

Abstract: A method for performing a cryptographic operation involving transforming digital information is described. A digital operator is provided that has a component selected from a large set of elements. The component is expanded into a plurality of factors, each factor having a low Hamming weight. Digital information is transformed using the digital operator. Computer readable medium embody instructions for the method.

Abstract: A method of communicating information between users of a communications system includes the following steps: generating a ring R, ideals P and Q in R, a set of coset representatives CQ for the ring R modulo the ideal Q, and a set of coset representatives Cp for the ring R modulo the ideal P; generating at least one public key element h1, . . . , hk in the ring R as a function of at least two private key elements ƒ1, . . . ƒn in R and the ideal Q of the first user; and transmitting from a first user to a second user a description of the ring R, the ideal Q, the ideal P, and the elements h1, . . . , hk in R; generating an element e in R as a function of the ideals P and Q, the public key elements h1, . . . , hk, a private message element m in R, and at least one private random element ø1, . . .

Abstract: The public key encryption system of the present invention has short and easily created encryption keys and wherein the encoding and decoding processes are performed extremely rapidly, and has low memory requirements. The encoding and decoding processes use both the addition and multiplication operations in a ring modulo with two different ideals. The cryptosystem of the present invention allows encryption keys to be chosen essentially at random from a large set of binary vectors, for which key lengths are comparable to the key lengths of the most widely used prior art cryptosystems. The present invention features an appropriate security level (.about.2.sup.80), with encoding and decoding processes ranging from approximately one to two orders of magnitude faster than the prior art, particularly the exponentiation cryptosystems.