How to Compress Rabin Ciphertexts and Signatures (and More)

Ordinarily, RSA and Rabin ciphertexts and signatures are log N bits, where N is a composite modulus; here, we describe how to “compress” Rabin ciphertexts and signatures (among other things) down to about (2/3)log N bits, while maintaining a tight provable reduction from factoring in the random oracle model. The computational overhead of our compression algorithms is small. We also improve upon Coron’s results regarding partial-domain-hash signature schemes, reducing by over 300 bits the hash output size necessary to prove adequate security.
