### Abstract

We analyze the security of the simplified Paillier (S-Paillier) cryptosystem, which was proposed by Catalano et al. We prove that the one-wayness of the S-Paillier scheme is as intractable as the standard RSA problem. We also prove that an adversary, which breaks the semantic security, can compute the least significant bits of the nonce. This observation is interesting, because the least significant bit of the nonce is the hard core bit of the encryption function. Moreover, we proposed a novel semantically secure cryptosystem, based on the one-way function f^{e,n}_{MSBZ}_{(}_{l}_{)} (r) = (r−MSBl(r))^{e}mod n, where (e, n) is the RSA public-key and r −MSBl(r) means that the l most significant bits of r are zeroed. We proved that the one-wayness of the proposed scheme is as intractable as the standard RSA problem. An adversary, which breaks the semantic security of the proposed scheme, can break the least significant bits of the nonce. These security results of the proposed scheme are similar to those of the S-Paillier cryptosystem. However, the proposed scheme is more efficient than the S-Paillier cryptosystem.

Original language | English |
---|---|

Title of host publication | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |

Editors | David Naccache, Pascal Paillier |

Publisher | Springer Verlag |

Pages | 1-16 |

Number of pages | 16 |

ISBN (Print) | 3540431683, 9783540431688 |

DOIs | |

Publication status | Published - Jan 1 2002 |

Event | 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002 - Paris, France Duration: Feb 12 2002 → Feb 14 2002 |

### Publication series

Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|

Volume | 2274 |

ISSN (Print) | 0302-9743 |

ISSN (Electronic) | 1611-3349 |

### Other

Other | 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002 |
---|---|

Country | France |

City | Paris |

Period | 2/12/02 → 2/14/02 |

### Fingerprint

### All Science Journal Classification (ASJC) codes

- Theoretical Computer Science
- Computer Science(all)

### Cite this

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)*(pp. 1-16). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2274). Springer Verlag. https://doi.org/10.1007/3-540-45664-3_1

**New semantically secure public-key cryptosystems from the rsa-primitive.** / Sakurai, Kouichi; Takagi, Tsuyoshi.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2274, Springer Verlag, pp. 1-16, 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002, Paris, France, 2/12/02. https://doi.org/10.1007/3-540-45664-3_1

}

TY - GEN

T1 - New semantically secure public-key cryptosystems from the rsa-primitive

AU - Sakurai, Kouichi

AU - Takagi, Tsuyoshi

PY - 2002/1/1

Y1 - 2002/1/1

N2 - We analyze the security of the simplified Paillier (S-Paillier) cryptosystem, which was proposed by Catalano et al. We prove that the one-wayness of the S-Paillier scheme is as intractable as the standard RSA problem. We also prove that an adversary, which breaks the semantic security, can compute the least significant bits of the nonce. This observation is interesting, because the least significant bit of the nonce is the hard core bit of the encryption function. Moreover, we proposed a novel semantically secure cryptosystem, based on the one-way function fe,nMSBZ(l) (r) = (r−MSBl(r))emod n, where (e, n) is the RSA public-key and r −MSBl(r) means that the l most significant bits of r are zeroed. We proved that the one-wayness of the proposed scheme is as intractable as the standard RSA problem. An adversary, which breaks the semantic security of the proposed scheme, can break the least significant bits of the nonce. These security results of the proposed scheme are similar to those of the S-Paillier cryptosystem. However, the proposed scheme is more efficient than the S-Paillier cryptosystem.

AB - We analyze the security of the simplified Paillier (S-Paillier) cryptosystem, which was proposed by Catalano et al. We prove that the one-wayness of the S-Paillier scheme is as intractable as the standard RSA problem. We also prove that an adversary, which breaks the semantic security, can compute the least significant bits of the nonce. This observation is interesting, because the least significant bit of the nonce is the hard core bit of the encryption function. Moreover, we proposed a novel semantically secure cryptosystem, based on the one-way function fe,nMSBZ(l) (r) = (r−MSBl(r))emod n, where (e, n) is the RSA public-key and r −MSBl(r) means that the l most significant bits of r are zeroed. We proved that the one-wayness of the proposed scheme is as intractable as the standard RSA problem. An adversary, which breaks the semantic security of the proposed scheme, can break the least significant bits of the nonce. These security results of the proposed scheme are similar to those of the S-Paillier cryptosystem. However, the proposed scheme is more efficient than the S-Paillier cryptosystem.

UR - http://www.scopus.com/inward/record.url?scp=84958964396&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84958964396&partnerID=8YFLogxK

U2 - 10.1007/3-540-45664-3_1

DO - 10.1007/3-540-45664-3_1

M3 - Conference contribution

AN - SCOPUS:84958964396

SN - 3540431683

SN - 9783540431688

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1

EP - 16

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

A2 - Naccache, David

A2 - Paillier, Pascal

PB - Springer Verlag

ER -