A key-exchange system based on imaginary quadratic fields
Journal of Cryptology
Signature schemes based on the strong RSA assumption
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Speeding Up Secret Computations with Insecure Auxiliary Devices
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Secure Signature Schemes based on Interactive Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract)
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
New Generation of Secure and Practical RSA-Based Signatures
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Security of Cryptosystems Based on Class Groups of Imaginary Quadratic Orders
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Security of Signed ElGamal Encryption
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Note on Security Proofs in the Generic Model
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Insecurity of a Server-Aided RSA Protocol
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Server-Aided RSA Protocols
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
The Cramer-Shoup Strong-RSA Signature Scheme Revisited
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Password authenticated key exchange using hidden smooth subgroups
Proceedings of the 12th ACM conference on Computer and communications security
Fine-grained forward-secure signature schemes without random oracles
Discrete Applied Mathematics - Special issue: Coding and cryptography
On the Equivalence of Generic Group Models
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Breaking RSA Generically Is Equivalent to Factoring
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
On the Analysis of Cryptographic Assumptions in the Generic Ring Model
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Parallel repetition of computationally sound protocols revisited
TCC'07 Proceedings of the 4th conference on Theory of cryptography
On the equivalence of RSA and factoring regarding generic ring algorithms
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Single-database private information retrieval with constant communication rate
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
A cryptographic framework for the controlled release of certified data
SP'04 Proceedings of the 12th international conference on Security Protocols
Efficiency limitations for Σ-protocols for group homomorphisms
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Efficient proofs of knowledge of discrete logarithms and representations in groups with hidden order
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Cryptography in subgroups of Zn
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Secure accumulators from euclidean rings without trusted setup
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
We study the problem of root extraction in finite Abelian groups, where the group order is unknown. This is a natural generalization of the problem of decrypting RSA ciphertexts. We study the complexity of this problem for generic algorithms, that is, algorithms that work for any group and do not use any special properties of the group at hand. We prove an exponential lower bound on the generic complexity of root extraction, even if the algorithm can choose the "public exponent" itself. In other words, both the standard and the strong RSA assumption are provably true w.r.t. generic algorithms. The results hold for arbitrary groups, so security w.r.t. generic attacks follows for any cryptographic construction based on root extraction. As an example of this, we revisit the Cramer-Shoup signature scheme [10]. We modify the scheme such that it becomes a generic algorithm. This allows us to implement it in RSA groups without the original restriction that the modulus must be a product of safe primes. It can also be implemented in class groups. In all cases, security follows from a well-defined complexity assumption (the strong root assumption), without relying on random oracles, and the assumption is shown to be true w.r.t. generic attacks.