How to generate cryptographically strong sequences of pseudo-random bits. SIAM Journal on Computing.
A simple unpredictable pseudo random number generator. SIAM Journal on Computing.
RSA and Rabin functions: certain parts are as hard as the whole. SIAM Journal on Computing, special issue on cryptography.
Paillier's cryptosystem revisited. CCS '01: Proceedings of the 8th ACM Conference on Computer and Communications Security.
An Efficient Discrete Log Pseudo Random Generator. CRYPTO '98: Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology.
The Modular Inversion Hidden Number Problem. ASIACRYPT '01: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
Finding Small Roots of Univariate Modular Equations Revisited. Proceedings of the 6th IMA International Conference on Cryptography and Coding.
The Two Faces of Lattices in Cryptology. CaLC '01: Revised Papers from the International Conference on Cryptography and Lattices.
Finding Small Solutions to Small Degree Polynomials. CaLC '01: Revised Papers from the International Conference on Cryptography and Lattices.
On the cryptographic security of single RSA bits. STOC '83: Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing.
An Improved Pseudo-Random Generator Based on the Discrete Logarithm Problem. Journal of Cryptology.
Foundations of Cryptography: Volume 1.
Reconstructing noisy polynomial evaluation in residue rings. Journal of Algorithms.
Why and how to establish a private code on a public network. SFCS '82: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science.
Efficient And Secure Pseudo-Random Number Generation. SFCS '84: Proceedings of the 25th Annual Symposium on Foundations of Computer Science, 1984.
QUAD: a practical stream cipher with provable security. EUROCRYPT '06: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques.
Concrete security of the Blum-Blum-Shub pseudorandom generator. IMA '05: Proceedings of the 10th International Conference on Cryptography and Coding.
Cryptanalysis of RSA with private key d less than N^0.292. IEEE Transactions on Information Theory.
Secure PRNGs from Specialized Polynomial Maps over Any $\mathbb{F}_{q}$. PQCrypto '08: Proceedings of the 2nd International Workshop on Post-Quantum Cryptography.
QUAD: A multivariate stream cipher with provable security. Journal of Symbolic Computation.
Attacking Power Generators Using Unravelled Linearization: When Do We Output Too Much? ASIACRYPT '09: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
More efficient DDH pseudorandom generators. Designs, Codes and Cryptography.
On the power generator and its multivariate analogue. Journal of Complexity.
Adaptive trapdoor functions and chosen-ciphertext security. EUROCRYPT '10: Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques.
TCC '12: Proceedings of the 9th International Conference on Theory of Cryptography.
Pseudorandom generators based on subcovers for finite groups. Inscrypt '11: Proceedings of the 7th International Conference on Information Security and Cryptology.
Predicting masked linear pseudorandom number generators over finite fields. Designs, Codes and Cryptography.
Pseudorandom Generators (PRGs) based on the RSA inversion (one-wayness) problem have been extensively studied in the literature over the last 25 years. These generators have the attractive feature of provable pseudorandomness security assuming the hardness of the RSA inversion problem. However, despite extensive study, the most efficient provably secure RSA-based generators output asymptotically only at most O(log n) bits per multiply modulo an RSA modulus of bit length n, and hence are too slow to be used in many practical applications. To bring theory closer to practice, we present a simple modification to the proof of security by Fischlin and Schnorr of an RSA-based PRG, which shows that one can obtain an RSA-based PRG which outputs Ω(n) bits per multiply and has provable pseudorandomness security assuming the hardness of a well-studied variant of the RSA inversion problem, where a constant fraction of the plaintext bits are given. Our result gives a positive answer to an open question posed by Gennaro (J. of Cryptology, 2005) regarding finding a PRG beating the rate O(log n) bits per multiply at the cost of a reasonable assumption on RSA inversion.
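To make the "bits per multiply" rate in the abstract concrete, here is an added toy model of an iterated RSA generator (example code written for this page, not the paper's own construction or implementation): it assumes the generator family iterates x ← x^e mod N and releases the r low-order bits of each state, counts the modular multiplications one exponentiation costs, and compares the O(log n) output rate with an Ω(n) rate such as r = n/4. The modulus, seed and the n/4 fraction are constructed illustrative values; how many bits may safely be released is exactly what the hardness assumption in the abstract bounds, so the sizes here carry no security claim.

```python
from math import log2


def modexp_counting(x: int, e: int, mod: int) -> tuple[int, int]:
    """Left-to-right square-and-multiply for x^e mod `mod`.

    Returns (x^e mod `mod`, number of modular multiplications performed),
    so the generator below can report its output rate per multiply.
    """
    result, mults = x % mod, 0
    for bit in bin(e)[3:]:              # skip the leading 1 bit of e
        result = result * result % mod  # squaring
        mults += 1
        if bit == "1":
            result = result * x % mod   # conditional multiply
            mults += 1
    return result, mults


def rsa_prg(seed: int, e: int, N: int, r: int, rounds: int) -> tuple[str, int]:
    """Iterate x <- x^e mod N and release the r low-order bits of each state.

    Returns (bit string of length r*rounds, total modular multiplications).
    """
    x, mults, out = seed % N, 0, []
    for _ in range(rounds):
        x, m = modexp_counting(x, e, N)
        mults += m
        out.append(format(x & ((1 << r) - 1), f"0{r}b"))
    return "".join(out), mults


def bits_per_multiply(n: int, r: int, e: int) -> float:
    """Output rate for an n-bit modulus: r bits per round divided by the
    multiplications one exponentiation by e costs (depends only on e)."""
    _, mults = modexp_counting(2, e, 1 << n)
    return r / mults


# Constructed toy parameters: two small primes and e = 3 (coprime to phi(N)).
# A real instance needs an RSA modulus of at least 2048 bits; this 34-bit N
# only serves to count multiplies, it is not a usable generator.
P, Q, E = 104723, 104729, 3
N = P * Q

if __name__ == "__main__":
    bits, mults = rsa_prg(seed=123456789, e=E, N=N, r=8, rounds=10)
    print(bits, mults)                                        # 80 bits, 20 multiplies
    n = 2048
    print("log n bits/round:", bits_per_multiply(n, int(log2(n)), E))  # 5.5
    print("n/4 bits/round:  ", bits_per_multiply(n, n // 4, E))         # 256.0
```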