Efficient Cryptosystems From $$2^k$$-th Power Residue Symbols

Goldwasser and Micali (J Comput Syst Sci 28(2):270–299, 1984) highlighted the importance of randomizing the plaintext for public-key encryption and introduced the notion of semantic security. They also realized a cryptosystem meeting this security notion under the standard complexity assumption of deciding quadratic residuosity modulo a composite number. The Goldwasser–Micali cryptosystem is simple and elegant but is quite wasteful in bandwidth when encrypting large messages. A number of works followed to address this issue and proposed various modifications. This paper revisits the original Goldwasser–Micali cryptosystem using $$2^k$$-th power residue symbols. The so-obtained cryptosystems appear as a very natural generalization for $$k \ge 2$$ (the case $$k=1$$ corresponds exactly to the Goldwasser–Micali cryptosystem). Advantageously, they are efficient in both bandwidth and speed; in particular, they allow for fast decryption. Further, the cryptosystems described in this paper inherit the useful features of the original cryptosystem (like its homomorphic property) and are shown to be secure under a similar complexity assumption. As a prominent application, this paper describes an efficient lossy trapdoor function based thereon.
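An added example, not code from the paper: a toy Python version of the generalized scheme, with ciphertexts of the form `c = y^m * x^(2^k) mod N`, decryption that recovers one plaintext bit per round from a power residue symbol modulo `p`, and the homomorphic addition the abstract mentions. The primes, the value of `k` and all function names are assumptions chosen for illustration; the parameters are far too small to offer any security.

```python
import math
import secrets

# Toy parameters (constructed for illustration, far too small to be secure):
# both primes are congruent to 1 modulo 2**K.
P, Q, K = 12289, 7681, 8

def is_nonresidue(y, prime):
    # Euler's criterion: y is a quadratic non-residue iff y^((prime-1)/2) = -1.
    return pow(y, (prime - 1) // 2, prime) == prime - 1

def keygen(p=P, q=Q, k=K):
    assert (p - 1) % (1 << k) == 0 and (q - 1) % (1 << k) == 0
    # y has Jacobi symbol +1 modulo N but is a non-residue modulo p and q.
    y = next(v for v in range(2, p * q)
             if is_nonresidue(v, p) and is_nonresidue(v, q))
    return (p * q, y, k), p          # public key, private key

def encrypt(pub, m):
    n, y, k = pub
    if not 0 <= m < (1 << k):
        raise ValueError("message must be a k-bit integer")
    while True:                      # fresh randomizer x in Z_N^*
        x = secrets.randbelow(n - 2) + 2
        if math.gcd(x, n) == 1:
            break
    return pow(y, m, n) * pow(x, 1 << k, n) % n

def decrypt(pub, p, c):
    _, y, k = pub
    m = 0
    for i in range(1, k + 1):        # recover one bit per round, LSB first
        e = (p - 1) >> i
        z = pow(c, e, p)             # 2^i-th power residue symbol of c mod p
        t = pow(y, m * e, p)         # symbol predicted by the bits known so far
        if z != t:
            m |= 1 << (i - 1)
    return m

def add(pub, c1, c2):
    # Multiplying ciphertexts adds the plaintexts modulo 2^k.
    return c1 * c2 % pub[0]
```

With `k=1` the same functions reduce to Goldwasser–Micali: one bit per ciphertext, decrypted with a single Legendre symbol.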
