Efficient chosen ciphertext secure public-key encryption under factoring assumption

Authors

  • Baodong Qin,

    Corresponding author
    1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
    • College of Computer Science and Technology, Southwest University of Science and Technology, Mianyang, China
    Search for more papers by this author
  • Shengli Liu

    1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
    Search for more papers by this author

Baodong Qin, Department of Computer Science and Engineering Shanghai Jiao Tong University, Shanghai 200240, China.

E-mail: baodong.qin@gmail.com

ABSTRACT

In EUROCRYPT 2009, Hofheinz and Kiltz introduced a new practical chosen ciphertext secure public-key encryption scheme under the assumption that factoring is intractable. They also proposed a variant that features a slightly more efficient decryption but unfortunately leads to large public key, of size about O(k), where k is a security parameter. In this paper, we propose a novel method to balance the efficiency and the key size of those previous two schemes. Although the public key in our scheme only consists of one RSA modulus and three group elements, it is still more efficient at decrypting than Hofheinz and Kiltz's scheme. By remarking that under certain assumptions factoring the modulus is still hard over much smaller subgroups of signed quadratic residues (i.e., semismooth subgroup), we were able to construct a new scheme that performs extremely efficient decryption. In fact, to date, this is the most efficient scheme for decryption among all public-key encryption schemes (mainly including Hofheinz and Kiltz's schemes and their follow-up works) whose security against chosen ciphertext attacks is based on the intractability of factoring in the standard model. Copyright © 2012 John Wiley & Sons, Ltd.

Ancillary