Design and Analysis of Fast Provably Secure Public-Key Cryptosystems Based on a Modular Squaring

We design a provably secure public-key encryption scheme based on modular squaring (Rabin's public-key encryption scheme [28]) over ZN, where N = pdq (p and q are prime integers, and d > 1), and we show that this scheme is extremely faster than the existing provably secure schemes. Security of our scheme is enhanced by the original OAEP padding scheme [3]. While Boneh presents two padding schemes that are simplified OAEP, and applies them to design provably secure Rabin-based schemes (Rabin-SAEP, Rabin-SAEP+), no previous works explores Rabin-OAEP. We gives the exact argument of security of our OAEP-based scheme. For speeding up our scheme, we develop a new technique of fast decryption, which is a modification of Takagi's method for RSA-type scheme with N = pdq [31]. Takagi's method uses Chinese Remainder Theorem (CRT), whereas our decryption requires no CRT-like computation. We also compare our scheme to existing factoring-based schemes including RSA-OAEP, Rabin-SAEP and Rabin-SAEP+. Furthermore, we consider the (future) hardness of the integer-factoring: N = pdq vs. N = pq for large size of N.

[1]  Daniel M. Gordon,et al.  Designing and Detecting Trapdoors for Discrete Log Cryptosystems , 1992, CRYPTO.

[2]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[3]  A. K. Lenstra,et al.  The Development of the Number Field Sieve , 1993 .

[4]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[5]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[6]  Carl Pomerance,et al.  The Development of the Number Field Sieve , 1994 .

[7]  Donald Ervin Knuth,et al.  The Art of Computer Programming, 2nd Ed. (Addison-Wesley Series in Computer Science and Information , 1978 .

[8]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[9]  Hugh C. Williams,et al.  A modification of the RSA public-key encryption procedure (Corresp.) , 1980, IEEE Trans. Inf. Theory.

[10]  D. Boneh,et al.  Factoring N = pr q for large r , 1999 .

[11]  Dan Boneh,et al.  Factoring N = prq for Large r , 1999, CRYPTO.

[12]  James Manger,et al.  A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0 , 2001, CRYPTO.

[13]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[14]  Kaoru Kurosawa,et al.  IND-CCA Public Key Schemes Equivalent to Factoring n=pq , 2001, Public Key Cryptography.

[15]  Dan Boneh,et al.  Simplified OAEP for the RSA and Rabin Functions , 2001, CRYPTO.

[16]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[17]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[18]  Daniel Bleichenbacher,et al.  Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1 , 1998, CRYPTO.

[19]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[20]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[21]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[22]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[23]  Ernest F. Brickell,et al.  Advances in Cryptology — CRYPTO’ 92 , 2001, Lecture Notes in Computer Science.

[24]  Jennifer Seberry,et al.  Practical Approaches to Attaining Security Against Adaptively Chosen Ciphertext Attacks (Extended Abstract) , 1992, CRYPTO.

[25]  Mihir Bellare,et al.  Lecture Notes on Cryptography , 2001 .

[26]  Tsuyoshi Takagi,et al.  Fast RSA-Type Cryptosystem Modulo pkq , 1998, CRYPTO.

[27]  Ueli Maurer,et al.  Advances in Cryptology — EUROCRYPT ’96 , 2001, Lecture Notes in Computer Science.

[28]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[29]  J. Pollard A monte carlo method for factorization , 1975 .

[30]  Manuel Blum,et al.  An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information , 1985, CRYPTO.

[31]  Mihir Bellare,et al.  Optimal Asymmetric Encryption-How to Encrypt with RSA , 1995 .

[32]  Don Coppersmith,et al.  Finding a Small Root of a Univariate Modular Equation , 1996, EUROCRYPT.

[33]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[34]  Tatsuaki Okamoto,et al.  EPOC: Efficient Probabilistic Public-Key Encryption (Submission to P1363a) , 1998 .

[35]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[36]  Tatsuaki Okamoto,et al.  A New Public-Key Cryptosystem as Secure as Factoring , 1998, EUROCRYPT.

[37]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[38]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[39]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .