
I Want to Ride My BICYCL: BICYCL Implements CryptographY in CLass Groups

  • Research Article
  • Journal of Cryptology

Abstract

We introduce BICYCL, an open-source C++ library that implements arithmetic in the ideal class groups of imaginary quadratic fields, together with a set of cryptographic primitives based on class groups. It is available at https://gite.lirmm.fr/crypto/bicycl under the GNU General Public License version 3 or any later version. BICYCL provides significant speed-ups in the implementation of class group arithmetic. Concerning cryptographic applications, BICYCL is orders of magnitude faster than any previous pilot implementation of the \(\textsf{CL}\) linearly homomorphic encryption scheme, making it faster than Paillier's encryption scheme at any security level. Linearly homomorphic encryption is the core of many multi-party computation protocols, sometimes involving a huge number of encryptions and homomorphic evaluations: for such protocols, class group-based constructions become the best solution to rely upon in terms of both bandwidth and computational efficiency.


Figures 1, 2 and 3 (images not reproduced in this preview).


Notes

  1. https://github.com/Chia-Network/vdftrack1results.

  2. For more details on GMP's implementation of Lehmer's variant, see the GMP documentation: https://gmplib.org/manual/Lehmer_0027s-Algorithm.

  3. If \(f=(a,b,c)\), then the inverse of the class of f is represented by \((a, -b, c)\).

  4. There does not seem to be an efficient way to exploit the fact that one raises both bases to the same power.

  5. This comparison should be taken with caution: we did not have access to the source code of [27] and could not run the benchmarks on the same machine.

References

  1. D. Abram, I. Damgård, C. Orlandi, P. Scholl, An algebraic framework for silent preprocessing with trustless setup and active security, in CRYPTO 2022 (Springer, 2022)

  2. D.F. Aranha, C.P.L. Gouvêa, T. Markmann, R.S. Wahby, K. Liao, RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic

  3. T. Attema, I. Cascudo, R. Cramer, I.B. Damgård, D. Escudero, Vector commitments over rings and compressed \(\sigma \)-protocols. Cryptology ePrint Archive, Report 2022/181 (2022). https://eprint.iacr.org/2022/181

  4. W. Beullens, T. Kleinjung, F. Vercauteren, CSI-FiSh: Efficient isogeny based signatures through class group computations, in S.D. Galbraith, S. Moriai, editors, ASIACRYPT 2019, Part I, vol. 11921 of LNCS (Springer, Heidelberg, 2019), pp. 227–247

  5. J.-F. Biasse, Improvements in the computation of ideal class groups of imaginary quadratic number fields. Adv. Math. Commun. 4(2):141–154 (2010)

  6. J.-F. Biasse, M.J. Jacobson, A.K. Silvester, Security estimates for quadratic field based cryptosystems, in R. Steinfeld, P. Hawkes, editors, ACISP 10, vol. 6168 of LNCS (Springer, Heidelberg, 2010), pp. 233–247

  7. D. Boneh, B. Bünz, B. Fisch, Batching techniques for accumulators with applications to IOPs and stateless blockchains, in A. Boldyreva, D. Micciancio, editors, CRYPTO 2019, Part I, vol. 11692 of LNCS (Springer, Heidelberg, 2019), pp. 561–586

  8. J. Buchmann, C. Thiel, H. Williams, Short representation of quadratic integers, in W. Bosma, A. van der Poorten, editors, Computational Algebra and Number Theory (Springer Netherlands, Dordrecht, 1995), pp. 159–185

  9. J. Buchmann, U. Vollmer, Binary Quadratic Forms: An Algorithmic Approach. Algorithms and Computation in Mathematics (Springer, Berlin Heidelberg, 2007)

  10. J. Buchmann, H.C. Williams, A key-exchange system based on imaginary quadratic fields. J. Cryptol. 1(2):107–118 (1988)

  11. J. Buchmann, H.C. Williams, A key exchange system based on real quadratic fields, in G. Brassard, editor, CRYPTO’89, vol. 435 of LNCS (Springer, Heidelberg, 1990), pp. 335–343

  12. B. Bünz, B. Fisch, A. Szepieniec, Transparent SNARKs from DARK compilers, in A. Canteaut, Y. Ishai, editors, EUROCRYPT 2020, Part I, vol. 12105 of LNCS (Springer, Heidelberg, 2020), pp. 677–706

  13. J. Camenisch, V. Shoup, Practical verifiable encryption and decryption of discrete logarithms, in D. Boneh, editor, CRYPTO 2003, vol. 2729 of LNCS (Springer, Heidelberg, 2003), pp. 126–144

  14. G. Castagnos, D. Catalano, F. Laguillaumie, F. Savasta, I. Tucker, Two-party ECDSA from hash proof systems and efficient instantiations, in A. Boldyreva, D. Micciancio, editors, CRYPTO 2019, Part III, vol. 11694 of LNCS (Springer, Heidelberg, 2019), pp. 191–221

  15. G. Castagnos, D. Catalano, F. Laguillaumie, F. Savasta, I. Tucker, Bandwidth-efficient threshold EC-DSA, in A. Kiayias, M. Kohlweiss, P. Wallden, V. Zikas, editors, PKC 2020, Part II, vol. 12111 of LNCS (Springer, Heidelberg, 2020), pp. 266–296

  16. G. Castagnos, L. Imbert, F. Laguillaumie, Encryption switching protocols revisited: Switching modulo p, in J. Katz, H. Shacham, editors, CRYPTO 2017, Part I, vol. 10401 of LNCS (Springer, Heidelberg, 2017), pp. 255–287

  17. G. Castagnos, A. Joux, F. Laguillaumie, P.Q. Nguyen, Factoring \(pq^2\) with quadratic forms: Nice cryptanalyses, in M. Matsui, editor, ASIACRYPT 2009, vol. 5912 of LNCS (Springer, Heidelberg, 2009), pp. 469–486

  18. G. Castagnos, F. Laguillaumie, On the security of cryptosystems with quadratic decryption: The nicest cryptanalysis, in A. Joux, editor, EUROCRYPT 2009, vol. 5479 of LNCS (Springer, Heidelberg, 2009), pp. 260–277

  19. G. Castagnos, F. Laguillaumie, Linearly homomorphic encryption from \({\sf DDH}\), in K. Nyberg, editor, CT-RSA 2015, vol. 9048 of LNCS (Springer, Heidelberg, 2015), pp. 487–505

  20. G. Castagnos, F. Laguillaumie, I. Tucker, Practical fully secure unrestricted inner product functional encryption modulo p, in T. Peyrin, S. Galbraith, editors, ASIACRYPT 2018, Part II, vol. 11273 of LNCS (Springer, Heidelberg, 2018), pp. 733–764

  21. G. Castagnos, F. Laguillaumie, I. Tucker, Threshold linearly homomorphic encryption on \({\textbf{Z}}/2^k{\textbf{Z}}\). Cryptology ePrint Archive, Paper 2022/1143, 2022. https://eprint.iacr.org/2022/1143, to appear at ASIACRYPT 2022

  22. P. Chaidos, G. Couteau, Efficient designated-verifier non-interactive zero-knowledge proofs of knowledge, in J. B. Nielsen, V. Rijmen, editors, EUROCRYPT 2018, Part III, vol. 10822 of LNCS (Springer, Heidelberg, 2018), pp. 193–221

  23. CHIA. Chia Verifiable Delay Function Competition (2018). https://medium.com/@chia.net/chia-vdf-competition-guide-5382e1f4bd39

  24. G. Couteau, D. Goudarzi, M. Klooß, M. Reichle, Sharp: Short relaxed range proofs. Cryptology ePrint Archive, Paper 2022/1153 (2022). https://eprint.iacr.org/2022/1153

  25. G. Couteau, M. Klooß, H. Lin, M. Reichle, Efficient range proofs with transparent setup from bounded integer commitments, in A. Canteaut, F.-X. Standaert, editors, EUROCRYPT 2021, Part III, vol. 12698 of LNCS (Springer, Heidelberg, 2021), pp. 247–277

  26. D. Cox, Primes of the Form \(x^2+ny^2\): Fermat, Class Field Theory, and Complex Multiplication. Pure and Applied Mathematics: A Wiley Series of Texts, Monographs and Tracts (Wiley, 2014)

  27. P. Das, M.J. Jacobson Jr., R. Scheidler, Improved efficiency of a linearly homomorphic cryptosystem, in Codes, Cryptology and Information Security (Springer, 2019), pp. 349–368

  28. Y. Deng, S. Ma, X. Zhang, H. Wang, X. Song, X. Xie, Promise \(\Sigma \)-protocol: How to construct efficient threshold ECDSA from encryptions based on class groups, in M. Tibouchi, H. Wang, editors, ASIACRYPT 2021, Part IV, vol. 13093 of LNCS (Springer, Heidelberg, 2021), pp. 557–586

  29. W. Diffie, M.E. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory 22(6):644–654 (1976)

  30. S. Dobson, S. Galbraith, B. Smith, Trustless unknown-order groups. Math. Cryptol. 1(1):1–15 (2021)

  31. T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, in G.R. Blakley, D. Chaum, editors, CRYPTO’84, vol. 196 of LNCS (Springer, Heidelberg, 1984), pp. 10–18

  32. N. Glaeser, M. Maffei, G. Malavolta, P. Moreno-Sanchez, E. Tairi, S.A. Thyagarajan, Foundations of coin mixing services. Cryptology ePrint Archive, Paper 2022/942 (2022). https://eprint.iacr.org/2022/942

  33. GMP. The GNU Multiple Precision Arithmetic Library. https://gmplib.org/

  34. J.L. Hafner, K.S. McCurley, A rigorous subexponential algorithm for computation of class groups. J. Am. Math. Soc. 2(4):837–850 (1989)

  35. D. Hankerson, A.J. Menezes, S. Vanstone, Guide to Elliptic Curve Cryptography (Springer, Berlin, Heidelberg, 2003)

  36. W. Hart, F. Johansson, S. Pancratz, FLINT: Fast Library for Number Theory. Version 2.9.0 (2022). http://flintlib.org

  37. D. Hühnlein, Efficient implementation of cryptosystems based on non-maximal imaginary quadratic orders, in H.M. Heys, C.M. Adams, editors, SAC 1999, vol. 1758 of LNCS (Springer, Heidelberg, 1999), pp. 147–162

  38. D. Hühnlein, M.J. Jacobson Jr., S. Paulus, T. Takagi, A cryptosystem based on non-maximal imaginary quadratic orders with fast decryption, in K. Nyberg, editor, EUROCRYPT'98, vol. 1403 of LNCS (Springer, Heidelberg, 1998), pp. 294–307

  39. D. Hühnlein, M.J. Jacobson Jr., D. Weber, Towards practical non-interactive public key cryptosystems using non-maximal imaginary quadratic orders, in D.R. Stinson, S.E. Tavares, editors, SAC 2000, vol. 2012 of LNCS (Springer, Heidelberg, 2001), pp. 275–287

  40. M.J. Jacobson Jr., Computing discrete logarithms in quadratic orders. J. Cryptol. 13(4):473–492 (2000)

  41. B. King, wNAF*, an efficient left-to-right signed digit recoding algorithm, in S.M. Bellovin, R. Gennaro, A.D. Keromytis, M. Yung, editors, ACNS 08, vol. 5037 of LNCS (Springer, Heidelberg, 2008), pp. 429–445

  42. T. Kleinjung, Quadratic sieving. Math. Comput. 85(300):1861–1873 (2016)

  43. J. Lagarias, Worst-case complexity bounds for algorithms in the theory of integral quadratic forms. J. Algorithms 1(2):142–186 (1980)

  44. R.W.F. Lai, G. Malavolta, Subvector commitments with application to succinct arguments, in A. Boldyreva, D. Micciancio, editors, CRYPTO 2019, Part I, vol. 11692 of LNCS (Springer, Heidelberg, 2019), pp. 530–560

  45. H. Lipmaa, Secure accumulators from Euclidean rings without trusted setup, in F. Bao, P. Samarati, J. Zhou, editors, ACNS 12, vol. 7341 of LNCS (Springer, Heidelberg, 2012), pp. 224–240

  46. K.S. McCurley, Cryptographic key distribution and computation in class groups, in R.A. Molin, editor, Proc. NATO Advanced Study Inst. on Number Theory and Applications, Banff, 1988 (Kluwer, Boston, 1989).

  47. P. Paillier, Public-key cryptosystems based on composite degree residuosity classes, in J. Stern, editor, EUROCRYPT’99, vol. 1592 of LNCS (Springer, Heidelberg, 1999), pp. 223–238

  48. PARI Group, Univ. Bordeaux, PARI/GP version 2.15.0 (2022). http://pari.math.u-bordeaux.fr/

  49. M. Sayles, libqform (2014). https://github.com/maxwellsayles/libqform

  50. D. Shanks, On Gauss and composition I, II, in Proc. NATO ASI on Number Theory and Applications (Kluwer Academic Press, 1989), pp. 163–179

  51. J.A. Solinas, Low-weight binary representations for pairs of integers. Research report CORR 2001-41, Center for Applied Cryptographic Research, University of Waterloo, Waterloo, ON, Canada (2001)

  52. E.G. Straus, Addition chains of vectors (problem 5125). Am. Math. Mon. 71(7):806–808 (1964)

  53. S.A.K. Thyagarajan, G. Castagnos, F. Laguillaumie, G. Malavolta, Efficient CCA timed commitments in class groups, in G. Vigna, E. Shi, editors, ACM CCS 2021 (ACM Press, 2021), pp. 2663–2684

  54. I. Tucker, Functional encryption and distributed signatures based on projective hash functions, the benefit of class groups. PhD thesis, Université de Lyon (2020)

  55. B. Wesolowski, Efficient verifiable delay functions. J. Cryptol. 33(4):2113–2147 (2020)

  56. T.H. Yuen, H. Cui, X. Xie, Compact zero-knowledge proofs for threshold ECDSA with trustless setup, in J. Garay, editor, PKC 2021, Part I, vol. 12710 of LNCS (Springer, Heidelberg, 2021), pp. 481–511

  57. ZenGo, Class: Rust library for building iqc. https://github.com/ZenGo-X/class


Acknowledgements

We thank the anonymous reviewers for their comments in improving the exposition. This work was partially supported by the French ANR Project ANR-21-CE39-0006 SANGRIA and by the France 2030 ANR Project ANR-22-PECY-003 SecureCompute.

Corresponding author

Correspondence to Guilhem Castagnos.

Additional information

Communicated by David Pointcheval and Nigel Smart.


About this article


Cite this article

Bouvier, C., Castagnos, G., Imbert, L. et al. I Want to Ride My BICYCL: BICYCL Implements CryptographY in CLass Groups. J Cryptol 36, 17 (2023). https://doi.org/10.1007/s00145-023-09459-1
