We re-examine Paillier's cryptosystem, and show that by choosing a particular discrete log base g, and by introducing an alternative decryption procedure, we can extend the scheme to allow an arbitrary exponent e instead of N. The use of low exponents substantially increases the efficiency of the scheme. The semantic security is now based on a new decisional assumption, namely the hardness of deciding whether an element is a "small" e-th residue modulo N^2.

We also show how to use Paillier's original cryptosystem to build a trapdoor commitment scheme. This new scheme is information-theoretically private, and computationally binding (this property holds under the assumption that the RSA function with exponent N is hard to invert). A novel property of this new commitment scheme is that most of the work can be done offline before knowing the message one wants to commit to. Once the message is known only two multiplications are required. This is the first trapdoor commitment scheme with this online-offline efficiency property which is also length-preserving.