The Sampling Twice Technique for the RSA-Based Cryptosystems with Anonymity

  • Ryotaro Hayashi
  • Keisuke Tanaka
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3386)


We say that an encryption scheme or a signature scheme provides anonymity when it is infeasible to determine which user generated a ciphertext or a signature. To construct the schemes with anonymity, it is necessary that the space of ciphertexts or signatures is common to each user. In this paper, we focus on the techniques which can be used to obtain this anonymity property, and propose a new technique for obtaining the anonymity property on RSA-based cryptosystem, which we call “sampling twice.” It generates the uniform distribution over 2 k by sampling the two elements from \({\mathbb Z}_N\) where |N| = k. Then, by applying the sampling twice technique, we construct the schemes for encryption, undeniable and confirmer signature, and ring signature, which have some advantage to the previous schemes.


RSA anonymity encryption undeniable and confirmer signature ring signature 


  1. 1.
    Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-Privacy in Public-Key Encryption. In: [18], pp. 566–582; Full version of this paper, available via
  2. 2.
    Bellare, M., Rogaway, P.: Optimal Asymmetric Encryption – How to Encrypt with RSA. In: [19], pp. 92–111Google Scholar
  3. 3.
    Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP is secure under the RSA assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260–274. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Krawczyk, H.: SKEME: A Versatile Secure Key Exchange Mechanism for Internet. In: Proceedings of the 1996 Internet Society Symposium on Network and Distributed System Security, San Diego, CA, USA, pp. 114–127 (1996)Google Scholar
  5. 5.
    Camenisch, J., Lysyanskaya, A.: Efficient Non-Transferable Anonymous Multi- Show Credential System with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) Advances in Cryptology – EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Sako, K.: An auction protocol which hides bids of losers. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 422–432. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Chaum, D., van Antwerpen, H.: Undeniable signatures. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 212–216. Springer, Heidelberg (1990)Google Scholar
  8. 8.
    Chaum, D.: Zero-knowledge undeniable signatures. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 458–464. Springer, Heidelberg (1991)Google Scholar
  9. 9.
    Chaum, D.: Designated Confirmer Signatures. In: [19], pp. 86–91Google Scholar
  10. 10.
    Galbraith, S.D., Mao, W.: Invisibility and anonymity of undeniable and confirmer signatures. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 80–97. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  11. 11.
    Desmedt, Y.G.: Securing traceability of ciphertexts - towards a secure software key escrow system. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 147–157. Springer, Heidelberg (1995)Google Scholar
  12. 12.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret. In:[18], 552–565Google Scholar
  13. 13.
    Hayashi, R., Okamoto, T., Tanaka, K.: An RSA family of trap-door permutations with a common domain and its applications. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 291–304. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Galbraith, S.D., Mao, W., Paterson, K.G.: RSA-based undeniable signatures for general moduli. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 200–217. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Jakobsson, M., Sako, K., Impagliazzo, R.: Designated verifier proofs and their applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)Google Scholar
  16. 16.
    Gennaro, R., Krawczyk, H., Rabin, T.: RSA-based undeniable signatures. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 132–149. Springer, Heidelberg (1997)Google Scholar
  17. 17.
    Bresson, E., Stern, J., Szydlo, M.: Threshold ring signatures and applications to ad-hoc groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Boyd, C. (ed.): ASIACRYPT 2001. LNCS, vol. 2248. Springer, Heidelberg (2001)MATHGoogle Scholar
  19. 19.
    De Santis, A. (ed.): EUROCRYPT 1994. LNCS, vol. 950. Springer, Heidelberg (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Ryotaro Hayashi
    • 1
  • Keisuke Tanaka
    • 1
  1. 1.Dept. of Mathematical and Computing SciencesTokyo Institute of TechnologyTokyoJapan

Personalised recommendations