Some RSA-Based Encryption Schemes with Tight Security Reduction
نویسندگان
چکیده
In this paper, we study some RSA-based semantically secure encryption schemes (IND-CPA) in the standard model. We first derive the exactly tight one-wayness of Rabin-Paillier encryption scheme which assumes that factoring Blum integers is hard. We next propose the first IND-CPA scheme whose one-wayness is equivalent to factoring general n = pq (not factoring Blum integers). Our reductions of one-wayness are very tight because they require only one decryption-oracle query.
منابع مشابه
Tightly-Secure Signatures from Chameleon Hash Functions
We give a new framework for obtaining signatures with a tight security reduction from standardhardness assumptions. Concretely, we show that any Chameleon Hash function can be transformedinto a (binary) tree-based signature scheme with tight security. The transformation is in the standardmodel, i.e., it does not make use of any random oracle. For specific assumptions (such as RSA,<l...
متن کاملRSA hybrid encryption schemes
This document compares the two published RSA-based hybrid encryption schemes having linear reduction in their security proof: RSA-KEM with DEM1 and RSA-REACT. While the performance of RSA-REACT is worse than the performance of RSA-KEM+DEM1, a complete proof of its security has already been published. This is indeed an advantage, because we show that the security result for RSAKEM+DEM1 has a sma...
متن کاملStrengthening Security of RSA-OAEP
OAEP is one of the few standardized and widely deployed public-key encryption schemes. It was designed by Bellare and Rogaway as a scheme based on a trapdoor permutation such as RSA. RSA-OAEP is standardized in RSA’s PKCS #1 v2.1 and is part of several standards. RSA-OAEP was shown to be IND-CCA secure in the random oracle model under the standard RSA assumption. However, the reduction is not t...
متن کاملOAEP 3-Round: A Generic and Secure Asymmetric Encryption Padding
The OAEP construction is already 10 years old and wellestablished in many practical applications. But after some doubts about its actual security level, four years ago, the first efficient and provably IND-CCA1 secure encryption padding was formally and fully proven to achieve the expected IND-CCA2 security level, when used with any trapdoor permutation. Even if it requires the partial-domain o...
متن کاملNew Public Key Cryptosystems Based on the Dependent-RSA Problems
Since the Diffie-Hellman paper, asymmetric encryption has been a very important topic, and furthermore ever well studied. However, between the efficiency of RSA and the security of some less efficient schemes, no trade-off has ever been provided. In this paper, we propose better than a trade-off: indeed, we first present a new problem, derived from the RSA assumption, the “Dependent–RSA Problem...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003