Abstract
We propose a practical scheme based on factoring and semantically secure (IND-CPA) in the standard model. The scheme is obtained from a modification of the so-called RSA-Paillier [5] scheme. This modification is reminiscent of the ones applied by Rabin [22] and Williams [25] to the well-known RSA cryptosystem. Thanks to the special properties of such schemes, we obtain efficiency similar to that of the RSA cryptosystem, provably secure encryption (since recovering the plaintext from the ciphertext is as hard as factoring) and indistinguishability against chosen-plaintext attacks. We also construct a new trapdoor permutation based on factoring, which is of interest on its own. Semantic security of the scheme is based on an appropriate decisional assumption, named the Decisional Small 2e-Residues assumption. The robustness of this assumption is also discussed. Compared to Okamoto-Uchiyama's scheme [18], the previous IND-CPA cryptosystem in the standard model with one-wayness based on factoring, our scheme is drastically more efficient in encryption and has higher bandwidth, achieving the same expansion factor as the Paillier or El Gamal schemes. We believe the new scheme could be an interesting starting point for developing efficient IND-CCA schemes in the standard model with one-wayness based on factoring.
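The abstract names two building blocks without defining either: the RSA-Paillier encryption of [5], and the Rabin/Williams idea that extracting square roots modulo N = pq is equivalent to factoring N. The following toy is an added illustration of those two blocks, written for this page; it is not the paper's own construction (whose exact definition is not given here), and the primes, exponent, message and randomness it uses are constructed values far too small for real use.

```python
# Added illustration, not code from the paper: the two ingredients the
# abstract names, RSA-Paillier encryption [5] and Rabin's square-root/factoring
# equivalence [22], as a toy in Python.  Primes and exponents are constructed
# and far too small for real use; they only make the arithmetic visible.
from math import gcd


def keygen(p, q, e):
    """Toy RSA-Paillier key pair: N = p*q, trapdoor d = e^-1 mod phi(N)."""
    N = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi(N)"
    d = pow(e, -1, phi)
    return (N, e), (p, q, d)


def encrypt(pk, m, r):
    """RSA-Paillier [5]: c = r^e + m*N (mod N^2) for m in Z_N, r in Z_N^*."""
    N, e = pk
    N2 = N * N
    assert 0 <= m < N and 0 < r < N and gcd(r, N) == 1
    return (pow(r, e, N2) + m * N) % N2


def decrypt(pk, sk, c):
    """Recover (m, r): c mod N equals r^e mod N, so the RSA trapdoor yields r,
    and what remains of c after removing r^e mod N^2 is exactly m*N."""
    N, e = pk
    _, _, d = sk
    N2 = N * N
    r = pow(c % N, d, N)
    m = ((c - pow(r, e, N2)) % N2) // N
    return m, r


def sqrt_mod_blum(a, p, q):
    """All four square roots of a quadratic residue a modulo N = p*q with
    p = q = 3 (mod 4), combined by CRT.  This is the Rabin/Williams trapdoor:
    easy with p and q, and (see factor_from_roots) as hard as factoring without."""
    N = p * q
    rp = pow(a, (p + 1) // 4, p)      # square root of a mod p, valid for p = 3 mod 4
    rq = pow(a, (q + 1) // 4, q)
    yq = pow(q, -1, p)                # CRT coefficients q^-1 mod p, p^-1 mod q
    yp = pow(p, -1, q)
    roots = set()
    for sp in (rp, p - rp):
        for sq in (rq, q - rq):
            roots.add((sp * q * yq + sq * p * yp) % N)
    return sorted(roots)


def factor_from_roots(N, r1, r2):
    """Rabin's argument: if r1^2 = r2^2 (mod N) but r1 != +-r2 (mod N), then
    gcd(r1 - r2, N) is a proper factor of N.  Returns None in the trivial case."""
    g = gcd((r1 - r2) % N, N)
    if 1 < g < N:
        return tuple(sorted((g, N // g)))
    return None


def demo():
    # Constructed toy parameters: p = q = 3 (mod 4) as in Rabin/Williams.
    p, q, e = 199, 211, 17
    pk, sk = keygen(p, q, e)
    N = pk[0]
    m, r = 12345, 6789
    c = encrypt(pk, m, r)
    m2, r2 = decrypt(pk, sk, c)

    # Rabin half: r^2 mod N has four roots; any root other than +-r factors N.
    roots = sqrt_mod_blum(pow(r, 2, N), p, q)
    other = next(x for x in roots if x not in (r, N - r))
    return {
        "roundtrip": (m2, r2) == (m, r),
        "num_roots": len(roots),
        "r_is_root": r in roots,
        "factors": factor_from_roots(N, r, other),
        "trivial_pair": factor_from_roots(N, r, N - r),
    }


if __name__ == "__main__":
    print(demo())
```

The round trip shows why RSA-Paillier decryption is an RSA inversion on the low part of the ciphertext, and the square-root half shows why a Rabin-style exponent ties one-wayness to factoring: with the factors, roots are a CRT computation; without them, any procedure that returns a root different from the one you started with hands you the factorization.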
References
[1] M. Abdalla, M. Bellare and P. Rogaway. DHAES: An Encryption Scheme Based on the Diffie-Hellman Problem. Submission to IEEE P1363a (1998).
[2] M. Bellare and P. Rogaway. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM CCS '93, ACM Press (1993).
[3] D. Boneh. Simplified OAEP for the RSA and Rabin Functions. CRYPTO '01, LNCS 2139, 275–291 (2001).
[4] R. Canetti. Towards Realizing Random Oracles: Hash Functions that Hide All Partial Information. CRYPTO '97, LNCS 1294, 455–469 (1997).
[5] D. Catalano, R. Gennaro, N. Howgrave-Graham and P.Q. Nguyen. Paillier's Cryptosystem Revisited. ACM CCS '01, ACM Press (2001).
[6] D. Catalano, P.Q. Nguyen and J. Stern. The Hardness of Hensel Lifting: The Case of RSA and Discrete Logarithm. To appear in Proceedings of ASIACRYPT 2002, LNCS 2501 (2002).
[7] D. Coppersmith. Finding a Small Root of a Univariate Modular Equation. EUROCRYPT '96, LNCS 1070, 155–165 (1996).
[8] R. Cramer and V. Shoup. A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. CRYPTO '98, LNCS 1462, 13–25 (1998).
[9] R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. EUROCRYPT 2002, LNCS 2332, 45–64 (2002).
[10] O. Goldreich. Foundations of Cryptography: Basic Tools. Cambridge University Press (2001).
[11] S. Goldwasser and M. Bellare. Lecture Notes on Cryptography. http://www-cse.ucsd.edu/users/mihir
[12] G. Gong and L. Harn. Public-Key Cryptosystems Based on Cubic Finite Field Extensions. IEEE Transactions on Information Theory 45(7), 2601–2605 (1999).
[13] S. Goldwasser and S. Micali. Probabilistic Encryption. Journal of Computer and System Sciences 28, 270–299 (1984).
[14] M. Joye and J.J. Quisquater. Cryptanalysis of RSA-type Cryptosystems: A Visit. Network Threats, DIMACS Series in Discrete Mathematics and Theoretical Computer Science, AMS, 21–31 (1998).
[15] K. Kurosawa, W. Ogata, T. Matsuo and S. Makishima. IND-CCA Public Key Schemes Equivalent to Factoring n = pq. PKC '01, LNCS 1992, 36–47 (2001).
[16] S. Müller. On the Security of a Williams Based Public Key Encryption Scheme. PKC '01, LNCS 1992, 1–18 (2001).
[17] M. Nishioka, H. Satoh and K. Sakurai. Public Key Cryptosystems Based on a Modular Squaring. ICISC 2001, LNCS 2288, 81–102 (2001).
[18] T. Okamoto and S. Uchiyama. A New Public-Key Cryptosystem as Secure as Factoring. EUROCRYPT '98, LNCS 1403, 308–318 (1998).
[19] P. Paillier. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. EUROCRYPT '99, LNCS 1592, 223–238 (1999).
[20] J. Patarin and L. Goubin. Trapdoor One-Way Permutations and Multivariate Polynomials. Extended version of the paper published at ICICS '97, LNCS 1334, 356–368.
[21] D. Pointcheval. Chosen-Ciphertext Security for any One-Way Cryptosystem. PKC 2000, LNCS 1751, 129–146 (2000).
[22] M.O. Rabin. Digitalized Signatures and Public Key Functions as Intractable as Factorization. MIT/LCS/TR-212, MIT Laboratory for Computer Science (1979).
[23] K. Sakurai and T. Takagi. New Semantically Secure Public-Key Cryptosystems from the RSA-Primitive. PKC 2002, LNCS 2274 (2002).
[24] H.C.A. van Tilborg. Fundamentals of Cryptology: A Professional Reference and Interactive Tutorial. Kluwer Academic Publishers, SECS 528 (1999).
[25] H.C. Williams. A Modification of the RSA Public-Key Encryption Procedure. IEEE Transactions on Information Theory IT-26(6), 726–729 (1980).
© 2003 Springer-Verlag Berlin Heidelberg
Galindo, D., Martín, S., Morillo, P., Villar, J.L. (2003). A Practical Public Key Cryptosystem from Paillier and Rabin Schemes. In: Desmedt, Y.G. (ed.) Public Key Cryptography — PKC 2003. Lecture Notes in Computer Science, vol. 2567. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36288-6_21
DOI: https://doi.org/10.1007/3-540-36288-6_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00324-3
Online ISBN: 978-3-540-36288-3