Public-Key Cryptosystems Based on Composite Degree Residuosity Classes

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1592)


This paper investigates a novel computational problem, namely the Composite Residuosity Class Problem, and its applications to public-key cryptography. We propose a new trapdoor mechanism and derive from this technique three encryption schemes: a trapdoor permutation and two homomorphic probabilistic encryption schemes computationally comparable to RSA. Our cryptosystems, based on usual modular arithmetics, are provably secure under appropriate assumptions in the standard model.


  • Encryption Scheme
  • Signature Scheme
  • Random Oracle
  • Homomorphic Encryption
  • Random Oracle Model

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.




Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

Cite this paper

Paillier, P. (1999). Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (eds) Advances in Cryptology — EUROCRYPT ’99. EUROCRYPT 1999. Lecture Notes in Computer Science, vol 1592. Springer, Berlin, Heidelberg.

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-65889-4

  • Online ISBN: 978-3-540-48910-8

  • eBook Packages: Springer Book Archive