Efficient public key encryption with smallest ciphertext expansion from factoring

Designs, Codes and Cryptography

Abstract

For public key encryption schemes, adaptive chosen ciphertext security is a widely accepted security notion, since it captures a wide range of attacks. SAEP and SAEP+ are asymmetric encryption schemes that were proven to achieve semantic security against adaptive chosen ciphertext attacks. However, their message bandwidth is essentially worse: the ciphertext expansion (the length difference between the ciphertext and the plaintext) is too large. In most mobile networks and bandwidth-constrained communication systems, it is necessary to securely send as many messages as possible. In this article, we propose two chosen-ciphertext secure asymmetric encryption schemes. The first scheme is a generic asymmetric encryption padding scheme based on trapdoor permutations. The second one is its application to the Rabin-Williams function, which has a very fast encryption algorithm. Both asymmetric encryption schemes achieve the optimal bandwidth with respect to ciphertext expansion, namely the smallest ciphertext expansion. Further, tight security reductions are shown to prove the security of these encryption schemes.
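As an added illustration, not the paper's construction and not taken from it: the textbook Rabin-Williams trapdoor function with Williams's 16m+6 redundancy encoding (the modified-Rabin encoding given in the Handbook of Applied Cryptography), written in Python over constructed toy primes p = 59 and q = 71. It carries no chosen-ciphertext security; it shows the one-squaring public direction that makes the function fast and makes the ciphertext expansion metric concrete, since ciphertexts lie in Z_n while plaintexts must satisfy 16m+6 < n, so the bare encoding already costs about 4 bits.

```python
# Added example, not the paper's scheme: textbook Rabin-Williams function with Williams's
# 16m+6 encoding (HAC modified-Rabin). No CCA security; it just makes expansion concrete.
from math import gcd

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def keygen(p, q):
    """p = 3 (mod 8), q = 7 (mod 8) gives n = 5 (mod 8), hence (2/n) = -1."""
    assert p % 8 == 3 and q % 8 == 7
    n = p * q
    d = (n - p - q + 5) // 8      # for (s/n) = 1: (s^2)^d = +-s (mod n)
    return n, d

def encrypt(n, m):
    """Public direction: a Jacobi symbol and one modular squaring."""
    x = 16 * m + 6                              # redundancy: x = 6 (mod 16)
    assert 0 < x < n and gcd(x, n) == 1
    s = x if jacobi(x, n) == 1 else x // 2      # x//2 = 8m+3 flips (x/n) to +1
    return pow(s, 2, n)

def decrypt(n, d, c):
    """Trapdoor direction: r = +-s, and r mod 8 tells which case applied."""
    r = pow(c, d, n)
    t = r % 8
    if t == 6:   x = r                # r = s = 16m+6
    elif t == 7: x = n - r            # r = n - s, s = 16m+6
    elif t == 3: x = 2 * r            # r = s = 8m+3
    elif t == 2: x = 2 * (n - r)      # r = n - s, s = 8m+3
    else:        raise ValueError("invalid ciphertext")
    if x % 16 != 6: raise ValueError("redundancy check failed")
    return (x - 6) // 16

def expansion_bits(n):
    # ciphertext: bit length of n; plaintext: bit length of the largest encodable m
    return n.bit_length() - ((n - 7) // 16).bit_length()

def roundtrip_ok(n, d):
    # every encodable plaintext coprime to n must decrypt to itself
    return all(decrypt(n, d, encrypt(n, m)) == m
               for m in range((n - 7) // 16 + 1) if gcd(16 * m + 6, n) == 1)
```

With the toy modulus n = 4189 (13 bits) the largest encodable plaintext is 261 (9 bits), so expansion_bits reports 4.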




Correspondence to Haifeng Qian.


Cite this article

Qian, H., Zhou, Y., Li, Z. et al. Efficient public key encryption with smallest ciphertext expansion from factoring. Des. Codes Cryptogr. 49, 233–249 (2008). https://doi.org/10.1007/s10623-008-9179-5
