Abstract
In this paper, we study some computational security assumptions involved in two cryptographic applications related to the RSA cryptosystem. To this end, we use exponential sums to bound the statistical distance between the distributions in question and the uniform distribution. We are interested in the k least (or most) significant bits of \(x^e \bmod N\), where N is an RSA modulus and x belongs only to a small interval of [0,N).
First of all, we provide the first rigorous evidence that the cryptographic pseudo-random generator proposed by Micali and Schnorr rests on firm foundations. This proof is missing from the original paper, and it does not cover the parameters chosen by the authors. Consequently, we extend the proof, using recent exponential sum results, to obtain a new result closer to these parameters, and we show some limitations of our technique. Finally, we look at the semantic security of the RSA padding scheme PKCS#1 v1.5, which is still widely used in practice. We show that parts of the ciphertext are indistinguishable from uniform bitstrings.
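The quantity the abstract bounds analytically can be measured directly on a toy modulus. The following is an added example (not code from the paper): it enumerates x in a short interval [0, X), collects the k least (or most) significant bits of x^e mod N, and computes the statistical distance of that empirical distribution from uniform; it also includes a toy Micali-Schnorr-style generator (its state/output split is assumed from the generator's standard description, not taken from the paper). The modulus N = 101 * 103, e = 7 and the interval sizes are constructed here; real RSA moduli cannot be enumerated, which is why the paper uses exponential sums instead.

```python
from collections import Counter


def lsb_counts(N, e, k, X):
    """Count each k-bit value among the low k bits of x^e mod N, for x in [0, X)."""
    mask = (1 << k) - 1
    counts = Counter()
    for x in range(X):
        counts[pow(x, e, N) & mask] += 1
    return counts


def msb_counts(N, e, k, X):
    """Same for the k most significant bits of the n-bit value x^e mod N, n = N.bit_length()."""
    n = N.bit_length()
    counts = Counter()
    for x in range(X):
        counts[pow(x, e, N) >> (n - k)] += 1
    return counts


def statistical_distance(counts, k, X):
    """Total variation distance between the empirical distribution (X samples) and uniform on k bits."""
    uniform = 1.0 / (1 << k)
    return 0.5 * sum(abs(counts.get(v, 0) / X - uniform) for v in range(1 << k))


def micali_schnorr_toy(N, e, seed, r, rounds):
    """Toy Micali-Schnorr-style generator (assumed form): the state x_i has r bits,
    y = x_i^e mod N, the next state is the r most significant bits of y and the
    remaining n - r low bits are output. Returns the list of output words."""
    n = N.bit_length()
    out_mask = (1 << (n - r)) - 1
    x, out = seed, []
    for _ in range(rounds):
        y = pow(x, e, N)
        x = y >> (n - r)          # keep the top r bits as the new state
        out.append(y & out_mask)  # emit the low n - r bits
    return out


# Constructed toy parameters: N = 101 * 103 (14 bits), e = 7 coprime to lcm(100, 102).
N, E = 10403, 7
if __name__ == "__main__":
    for X in (64, 256, 1024, N):      # short intervals versus the full range [0, N)
        d = statistical_distance(lsb_counts(N, E, 4, X), 4, X)
        print(f"X={X:5d}  distance of 4 LSBs from uniform = {d:.4f}")
```

Over the full range the RSA map is a permutation of Z_N, so the low bits are essentially uniform; the short intervals show the bias the paper bounds.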
References
Bauer, A., Coron, J.-S., Naccache, D., Tibouchi, M., Vergnaud, D.: On the Broadcast and Validity-Checking Security of pkcs#1 v1.5 Encryption. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 1–18. Springer, Heidelberg (2010)
Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Bellare, M., Rogaway, P.: Optimal Asymmetric Encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)
Bellare, M., Rogaway, P.: The Exact Security of Digital Signatures - How to Sign with RSA and Rabin. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)
Bleichenbacher, D.: Chosen Ciphertext Attacks against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)
Blum, L., Blum, M., Shub, M.: A Simple Unpredictable Pseudo-Random Number Generator. SIAM J. Comput. 15(2), 364–383 (1986)
Boneh, D., Venkatesan, R.: Breaking RSA May Not Be Equivalent to Factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 59–71. Springer, Heidelberg (1998)
Coppersmith, D., Franklin, M.K., Patarin, J., Reiter, M.K.: Low-Exponent RSA with Related Messages. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 1–9. Springer, Heidelberg (1996)
Fouque, P.-A., Vergnaud, D., Zapalowicz, J.-C.: Time/Memory/Data Tradeoffs for Variants of the RSA Problem. In: Du, D.-Z., Zhang, G. (eds.) COCOON 2013. LNCS, vol. 7936, pp. 651–662. Springer, Heidelberg (2013)
Friedlander, J., Shparlinski, I.: On the distribution of the power generator. Math. Comput. 70(236), 1575–1589 (2001)
Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP Is Secure under the RSA Assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260–274. Springer, Heidelberg (2001)
Håstad, J.: Solving Simultaneous Modular Equations of Low Degree. SIAM J. Comput. 17(2), 336–341 (1988)
Lidl, R., Niederreiter, H.: Finite Fields. Cambridge University Press (1996)
Micali, S., Schnorr, C.-P.: Efficient, Perfect Polynomial Random Number Generators. J. Cryptology 3(3), 157–172 (1991)
Shoup, V.: A computational introduction to number theory and algebra. Cambridge University Press (2006)
Vinogradov, I.M.: Elements of number theory. Dover (1954)
Wooley, T.D.: Vinogradov’s mean value theorem via efficient congruencing. Annals of Mathematics 175(3), 1575–1627 (2012)
© 2014 Springer International Publishing Switzerland
Cite this paper
Fouque, PA., Zapalowicz, JC. (2014). Statistical Properties of Short RSA Distribution and Their Cryptographic Applications. In: Cai, Z., Zelikovsky, A., Bourgeois, A. (eds) Computing and Combinatorics. COCOON 2014. Lecture Notes in Computer Science, vol 8591. Springer, Cham. https://doi.org/10.1007/978-3-319-08783-2_45
DOI: https://doi.org/10.1007/978-3-319-08783-2_45
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08782-5
Online ISBN: 978-3-319-08783-2