Skip to main content
SpringerLink
Log in

RSA Public-Key Encryption

  • Reference work entry
Encyclopedia of Cryptography and Security

  • 121 Accesses

Trapdoor One-Way Permutations

A one-way function is a function f that anyone can compute efficiently, however inverting f is hard. Such a primitive is the basis of modern cryptography, and relies on the open problem \(\mathcal{P}\) vs. \(\mathcal{NP}\) (see computational complexity). As a consequence, any \(\mathcal{NP}\)-complete problem should lead to such a one-way function candidate. Unfortunately, \(\mathcal{NP}\)-complete problems are not so convenient for cryptographic applications, because either they are hard to solve for very large instances only, or very few instances are hard but the problem is easy on average. Furthermore, such a primitive is not enough for public-key encryption.

A trapdoor one-way permutation primitive (see also substitutions and permutations) is a permutation f onto a set X that anyone can compute efficiently; however inverting f is hard unless one is also given some “trapdoor” information. Given the trapdoor information, computing g the inverse of f...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

References

  1. Bellare, M. and Rogaway (1993). “Random oracles are practical: A paradigm for designing efficient protocols.” Proceedings of the 1st CCS. ACM Press, New York, 62–73.

    Google Scholar 

  2. Bellare, M. and P. Rogaway (1995). “Optimal asymmetric encryption—how to encrypt with RSA.” Advances in Cryptology—EUROCRYPT'94, Lecture Notes in Computer Science, vol. 950, ed. A. De Santis. Springer-Verlag, Berlin, 92–111.

    Google Scholar 

  3. Bleichenbacher, D. (1998). “A chosen ciphertext attack against protocols based on the RSA encryption standard PKCS #1.” Advances in Cryptology—CRYPTO'98, Lecture Notes in Computer Science, vol. 1462, ed. H. Krawczyk. Springer-Verlag, Berlin, 1–12.

    Google Scholar 

  4. Blum, M. and S. Micali (1984). “How to generate cryptographically strong sequences of pseudorandom bits.” SIAM Journal on Computing, 13, 850–864.

    Article  MATH  MathSciNet  Google Scholar 

  5. Boneh, D. (2001). Simplified OAEP for the RSA and Rabin Functions. Advances in Cryptology—CRYPTO 2001, Lecture Notes in Computer Science, vol. 2139, ed. J. Kilian. Springer-Verlag, Berlin, 275–291.

    Google Scholar 

  6. Boneh, D. and G. Durfee (2000). “Cryptanalysis of RSA with private key d less than N 0.292.” IEEE Transactions on Information Theory, 46 (4), 1339–1349.

    Article  MATH  MathSciNet  Google Scholar 

  7. Fiat, A. and A. Shamir (1987). “How to prove yourself: Practical solutions of identification and signature problems.” Advances in Cryptology—CRYPTO'86, Lecture Notes in Computer Science, vol. 263, ed. A.M. Odlyzko. Springer-Verlag, Berlin, 186–194.

    Google Scholar 

  8. Fujisaki, E., T. Okamoto, D. Pointcheval, and J. Stern (2001). “RSA–OAEP is secure under the RSA assumption.” Advances in Cryptography—CRYPTO 2001, Lecture Notes in Computer Science, vol. 2139, ed. J. Kilian. Springer-Verlag, Berlin, 260–274.

    Google Scholar 

  9. Håstad, J. (1988). “Solving simultaneous modular equations of low degree.” SIAM Journal of Computing, 17, 336–341.

    Article  MATH  Google Scholar 

  10. Miller, G. (1976). “Riemann's hypothesis and tests for primality.” Journal of Computer and System Sciences, 13, 300–317.

    MATH  MathSciNet  Google Scholar 

  11. Naor, M. and M. Yung (1989). “Universal one-way hash functions and their cryptographic applications.” Proceedings of the 21st STOC. ACM Press, New York, 33–43.

    Google Scholar 

  12. Rabin, M.O. (1978). “Digitalized signatures.” Foundations of Secure Computation, eds. R. Lipton and R. De Millo. Academic Press, New York, 155–166.

    Google Scholar 

  13. Rackoff, C. and D.R. Simon (1992). “Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack.” Advances in Cryptology—CRYPTO'91, Lecture Notes in Computer Science, vol. 575, ed. J. Feigenbaum. Springer-Verlag, Berlin, 433–444.

    Google Scholar 

  14. Rivest, R., A. Shamir, and L. Adleman (1978). “A method for obtaining digital signatures and public key cryptosystems.” Communications of the ACM, 21 (2), 120–126.

    Article  MATH  MathSciNet  Google Scholar 

  15. Shoup, V. (2001). “OAEP reconsidered.” Advances in Cryptography—CRYPTO 2001, Lecture Notes in Computer Science, vol. 2139, ed. J. Kilian. Springer-Verlag, Berlin, 239–259.

    Google Scholar 

  16. Wiener, M. (1990). “Cryptanalysis of short RSA secret exponents.” IEEE Transactions on Information Theory, 36 (3), 553–558.

    Article  MATH  MathSciNet  Google Scholar 

Download references

Authors
  1. David Pointcheval
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Eindhoven University of Technology, Eindhoven, The Netherlands

    Henk C. A. van Tilborg

Rights and permissions

Reprints and permissions

Copyright information

© 2005 International Federation for Information Processing

About this entry

Cite this entry

Pointcheval, D. (2005). RSA Public-Key Encryption. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_364

Download citation

Publish with us

Policies and ethics

Search

Navigation