On the security of a modified paillier public-key primitive

Kouichi Sakurai; Tsuyoshi Takagi

doi:10.1007/3-540-45450-0_33

On the security of a modified paillier public-key primitive

Kouichi Sakurai, Tsuyoshi Takagi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public-key g ∈ ZZ/nZZ such that g^ϕ(n) = 1+n mod n², where n is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that the oracle that can generate the public-key factors the modulus n. Thus the public keys cannot be generated without knowing the factoring of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n by only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.

Original language	English
Title of host publication	Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings
Editors	Lynn Batten, Jennifer Seberry
Publisher	Springer Verlag
Pages	436-448
Number of pages	13
ISBN (Print)	3540438610, 9783540438618
DOIs	https://doi.org/10.1007/3-540-45450-0_33
Publication status	Published - 2002
Event	7th Australasian Conference on Information Security and Privacy, ACISP 2002 - Melbourne, Australia Duration: Jul 3 2002 → Jul 5 2002

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2384
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	7th Australasian Conference on Information Security and Privacy, ACISP 2002
Country/Territory	Australia
City	Melbourne
Period	7/3/02 → 7/5/02

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/3-540-45450-0_33

Cite this

Sakurai, K., & Takagi, T. (2002). On the security of a modified paillier public-key primitive. In L. Batten, & J. Seberry (Eds.), Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings (pp. 436-448). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2384). Springer Verlag. https://doi.org/10.1007/3-540-45450-0_33

On the security of a modified paillier public-key primitive. / Sakurai, Kouichi; Takagi, Tsuyoshi.
Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings. ed. / Lynn Batten; Jennifer Seberry. Springer Verlag, 2002. p. 436-448 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2384).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Sakurai, K & Takagi, T 2002, On the security of a modified paillier public-key primitive. in L Batten & J Seberry (eds), Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2384, Springer Verlag, pp. 436-448, 7th Australasian Conference on Information Security and Privacy, ACISP 2002, Melbourne, Australia, 7/3/02. https://doi.org/10.1007/3-540-45450-0_33

Sakurai K, Takagi T. On the security of a modified paillier public-key primitive. In Batten L, Seberry J, editors, Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings. Springer Verlag. 2002. p. 436-448. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/3-540-45450-0_33

Sakurai, Kouichi ; Takagi, Tsuyoshi. / On the security of a modified paillier public-key primitive. Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings. editor / Lynn Batten ; Jennifer Seberry. Springer Verlag, 2002. pp. 436-448 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5404c478f1f243b08fc29a2a0f2fb6f7,

title = "On the security of a modified paillier public-key primitive",

abstract = "Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public-key g ∈ ZZ/nZZ such that gϕ(n) = 1+n mod n2, where n is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that the oracle that can generate the public-key factors the modulus n. Thus the public keys cannot be generated without knowing the factoring of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n by only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.",

author = "Kouichi Sakurai and Tsuyoshi Takagi",

year = "2002",

doi = "10.1007/3-540-45450-0_33",

language = "English",

isbn = "3540438610",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "436--448",

editor = "Lynn Batten and Jennifer Seberry",

booktitle = "Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings",

address = "Germany",

note = "7th Australasian Conference on Information Security and Privacy, ACISP 2002 ; Conference date: 03-07-2002 Through 05-07-2002",

}

TY - GEN

T1 - On the security of a modified paillier public-key primitive

AU - Sakurai, Kouichi

AU - Takagi, Tsuyoshi

PY - 2002

Y1 - 2002

N2 - Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public-key g ∈ ZZ/nZZ such that gϕ(n) = 1+n mod n2, where n is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that the oracle that can generate the public-key factors the modulus n. Thus the public keys cannot be generated without knowing the factoring of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n by only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.

AB - Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public-key g ∈ ZZ/nZZ such that gϕ(n) = 1+n mod n2, where n is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that the oracle that can generate the public-key factors the modulus n. Thus the public keys cannot be generated without knowing the factoring of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n by only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.

UR - http://www.scopus.com/inward/record.url?scp=55749113270&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=55749113270&partnerID=8YFLogxK

U2 - 10.1007/3-540-45450-0_33

DO - 10.1007/3-540-45450-0_33

M3 - Conference contribution

AN - SCOPUS:55749113270

SN - 3540438610

SN - 9783540438618

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 436

EP - 448

BT - Information Security and Privacy - 7th Australasian Conference, ACISP 2002, Proceedings

A2 - Batten, Lynn

A2 - Seberry, Jennifer

PB - Springer Verlag

T2 - 7th Australasian Conference on Information Security and Privacy, ACISP 2002

Y2 - 3 July 2002 through 5 July 2002

ER -

On the security of a modified paillier public-key primitive

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this