0

Setup($1^\lambda$) $\to \mathcal params$. On input security paramater,output a set of global public parameters $\mathcal params$

Can you give some examples to explain the cryptographic terminology?

Mint($\mathcal params$) $\to (\mathcal c ,\mathcal skc $). On input paramters $\mathcal params$, output a coin $\mathcal c \in \mathcal C $, as well as a trapdoor $\mathcal skc$

Deleted
  • 11
  • 2
  • Check this. https://crypto.stackexchange.com/questions/30727/how-to-generate-a-bilinear-group-of-prime-order-p-for-key-generation – kub0x Oct 30 '18 at 09:52

2 Answers2

1

Welcome to MSE!

In view of the RSA (Rivest, Shamir, Adlement) cryptosystem, each user chooses two large primes $p$ and $q$. Then she (beloved Alice) computes $n=p\cdot q$ and $\phi(n) = (p-1)(q-1)$. Afterwards she chooses an integer $e$ in the range $1<e<\phi(n)$, usually a prime, such that $e$ is invertible modulo $\phi(n)$. Then she computes $d =e^{-1}$ in ${\Bbb Z}_{\phi(n)}$.

Then $(n,e)$ is the public key and $d$ is the private key. The data $p,q,\phi(n)$ must be kept secret. Hope it helps

Wuestenfux
  • 20,964
  • So ($\mathbf n,\mathbf e $) is public params, and sercurity params $\mathbf \lambda $ is order size in bits? – Deleted Oct 30 '18 at 10:06
  • $d$ is the private key. If the params are chosen correctly, there is no way to get $d$ from $e,n$, as this requires to draw discrete logarithms. – Wuestenfux Oct 30 '18 at 10:11
  • I understand RSA, but I don't know what public params and security params mean. In https://crypto.stackexchange.com/questions/30727/how-to-generate-a-bilinear-group-of-prime-order-p-for-key-generation, the $\lambda $ is order size in bits. But according to what you mean, it seems that security params is sk(i.e. private key), public params is pk(public key) , $\mathcal p $ and $\mathcal q $. – Deleted Oct 30 '18 at 13:57
  • You could measure the parameters in bits of course. The internet gives some hints how large the parameters should be. – Wuestenfux Oct 30 '18 at 13:59
  • THX !! So security parameters $\lambda$ are used to define bits of public parameters (example $\mathcal p$ and$\mathcal q $). Right? – Deleted Oct 30 '18 at 14:12
0

From Wikipedia article about security parameter;

In cryptography, the security parameter is a variable that measures the input size of the computational problem. Both the resource requirements of the cryptographic algorithm or protocol as well as the adversary's probability of breaking security are expressed in terms of the security parameter.

The security parameter is usually expressed in unary representation (for example, a security parameter of n is expressed as a string of n 1s) so that the time complexity of the cryptographic algorithm is polynomial in the size of the input. For example, in the RSA cryptosystem, the security parameter $k$ denotes the length in bits of the modulus $n$; the positive integer n must therefore be a number in the set $0,\ldots,2^{k−1}.$

Some prefer to use as $1^n$ and some prefer to use $1^\lambda$

We assume that the parties and adversary are all running in polynomial time in the security parameter. So if the adversary breaks the system with negligible probability then the system assumed secure.

Community
  • 1
kelalaka
  • 1,637