TY - GEN
T1 - Design and analysis of fast provably secure public-key cryptosystems based on a modular squaring
AU - Nishioka, Mototsugu
AU - Satoh, Hisayoshi
AU - Sakurai, Kouichi
PY - 2002
Y1 - 2002
N2 - We design a provably secure public-key encryption scheme based on modular squaring (Rabin’s public-key encryption scheme [28]) over ZN, where N = pdq (p and q are prime integers, and d > 1), and we show that this scheme is extremely faster than the existing provably secure schemes. Security of our scheme is enhanced by the original OAEP padding scheme [3]. While Boneh presents two padding schemes that are simplified OAEP, and applies them to design provably secure Rabin-based schemes (Rabin-SAEP, Rabin-SAEP+), no previous works explores Rabin-OAEP. We gives the exact argument of security of our OAEP-based scheme. For speeding up our scheme, we develop a new technique of fast decryption, which is a modification of Takagi’s method for RSA-type scheme with N = pdq [31]. Takagi’s method uses Chinese Remainder Theorem (CRT), whereas our decryption requires no CRTlike computation. We also compare our scheme to existing factoringbased schemes including RSA-OAEP, Rabin-SAEP and Rabin-SAEP+. Furthermore, we consider the (future) hardness of the integer-factoring: N = pdq vs. N = pq for large size of N.
AB - We design a provably secure public-key encryption scheme based on modular squaring (Rabin’s public-key encryption scheme [28]) over ZN, where N = pdq (p and q are prime integers, and d > 1), and we show that this scheme is extremely faster than the existing provably secure schemes. Security of our scheme is enhanced by the original OAEP padding scheme [3]. While Boneh presents two padding schemes that are simplified OAEP, and applies them to design provably secure Rabin-based schemes (Rabin-SAEP, Rabin-SAEP+), no previous works explores Rabin-OAEP. We gives the exact argument of security of our OAEP-based scheme. For speeding up our scheme, we develop a new technique of fast decryption, which is a modification of Takagi’s method for RSA-type scheme with N = pdq [31]. Takagi’s method uses Chinese Remainder Theorem (CRT), whereas our decryption requires no CRTlike computation. We also compare our scheme to existing factoringbased schemes including RSA-OAEP, Rabin-SAEP and Rabin-SAEP+. Furthermore, we consider the (future) hardness of the integer-factoring: N = pdq vs. N = pq for large size of N.
UR - http://www.scopus.com/inward/record.url?scp=84949984322&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84949984322&partnerID=8YFLogxK
U2 - 10.1007/3-540-45861-1_8
DO - 10.1007/3-540-45861-1_8
M3 - Conference contribution
AN - SCOPUS:84949984322
SN - 3540433198
SN - 9783540433194
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 81
EP - 102
BT - Information Security and Cryptology - ICISC 2001 - 4th International Conference, Proceedings
A2 - Kim, Kwangjo
PB - Springer Verlag
T2 - 4th International Conference on Information Security and Cryptology, ICISC 2001
Y2 - 6 December 2001 through 7 December 2001
ER -