Paper 2002/080

Applications of Multilinear Forms to Cryptography

Dan Boneh and Alice Silverberg


We study the problem of finding efficiently computable non-degenerate multilinear maps from $G_1^n$ to $G_2$, where $G_1$ and $G_2$ are groups of the same prime order, and where computing discrete logarithms in $G_1$ is hard. We present several applications to cryptography, explore directions for building such maps, and give some reasons to believe that finding examples with $n>2$ may be difficult.

Note: In the April 2018 revised version, a correction was made to the proof of Corollary 7.6, and more details are now given in that proof.

Published elsewhere. Minor revision. Topics in Algebraic and Noncommutative Geometry, eds. C. G. Melles et al., Contemporary Mathematics 324, AMS (2003), 71-90
asilverb @ uci edu
2018-04-30: last of 2 revisions
2002-06-24: received
See all versions
Creative Commons Attribution


