Advertisement

Linear Bandwidth Naccache-Stern Encryption

  • Benoît Chevallier-Mames
  • David Naccache
  • Jacques Stern
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5229)

Abstract

The Naccache-Stern (ns) knapsack cryptosystem is an original yet little-known public-key encryption scheme. In this scheme, the ciphertext is obtained by multiplying public-keys indexed by the message bits modulo a prime p. The cleartext is recovered by factoring the ciphertext raised to a secret power modulo p.

ns encryption requires a multiplication per two plaintext bits on the average. Decryption is roughly as costly as an rsa decryption. However, ns features a bandwidth sublinear in log p, namely log p/ log log p. As an example, for a 2048-bit prime p, ns encryption features a 233-bit bandwidth for a 59-kilobyte public key size.

This paper presents new ns variants achieving bandwidths linear in log p. As linear bandwidth claims a public-key of size log3 p/ log log p, we recommend to combine our scheme with other bandwidth optimization techniques presented here.

For a 2048-bit prime p, we obtain figures such as 169-bit plaintext for a 10-kilobyte public key, 255-bit plaintext for a 20-kilobyte public key or a 781-bit plaintext for a 512-kilobyte public key. Encryption and decryption remain unaffected by our optimizations: As an example, the 781-bit variant requires 152 multiplications per encryption.

Keywords

Public key cryptography ns cryptosystem multiplicative knapsack efficiency 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [FO99]
    Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)Google Scholar
  2. [FO00]
    Fujisaki, E., Okamoto, T.: How to enhance the security of public-key encryption at minimum cost. IEICE Transaction of Fundamentals of Electronic Communications and Computer Science E83-A(1), 24–32 (2000)Google Scholar
  3. [FSW02]
    Fouque, P.-A., Stern, J., Wackers, J.-G.: Cryptocomputing with rationals. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 136–146. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. [GM84]
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984)zbMATHCrossRefMathSciNetGoogle Scholar
  5. [NS97]
    Naccache, D., Stern, J.: A new public-key cryptosystem. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 27–36. Springer, Heidelberg (1997)Google Scholar
  6. [SW86]
    Stanton, D., White, D.: Constructive combinatorics. Springer, New York (1986)zbMATHGoogle Scholar
  7. [Val91]
    Vallée, B.: Gauss’ algorithm revisited. Journal of Algorithms 12(4), 556–572 (1991)zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Benoît Chevallier-Mames
    • 1
  • David Naccache
    • 2
  • Jacques Stern
    • 2
  1. 1.DCSSI, Laboratoire de cryptographieParisFrance
  2. 2.École normale supérieure, Équipe de cryptographieParis cedex 05France

Personalised recommendations