Abstract
Pseudorandom Generators (PRGs) based on the RSA inversion (one-wayness) problem have been extensively studied in the literature over the last 25 years. These generators have the attractive feature of provable pseudorandomness security assuming the hardness of the RSA inversion problem. However, despite extensive study, the most efficient provably secure RSA-based generators output asymptotically only at most O(log n) bits per multiply modulo an RSA modulus of bit length n, and hence are too slow to be used in many practical applications.
To bring theory closer to practice, we present a simple modification to the proof of security by Fischlin and Schnorr of an RSA-based PRG, which shows that one can obtain an RSA-based PRG which outputs Ω(n) bits per multiply and has provable pseudorandomness security assuming the hardness of a well-studied variant of the RSA inversion problem, where a constant fraction of the plaintext bits are given. Our result gives a positive answer to an open question posed by Gennaro (J. of Cryptology, 2005) regarding finding a PRG beating the rate O(log n) bits per multiply at the cost of a reasonable assumption on RSA inversion.
References
Alexi, W., Chor, B., Goldreich, O., Schnorr, C.P.: RSA and Rabin Functions: Certain Parts Are as Hard as the Whole. SIAM Journal on Computing 17(2), 194–209 (1988)
Ben-Or, M., Chor, B., Shamir, A.: On the Cryptographic Security of Single RSA Bits. In: Proc. 15-th STOC, pp. 421–430. ACM Press, New York (1983)
Berbain, C., Gilbert, H., Patarin, J.: QUAD: a Practical Stream Cipher with Provable Security. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 109–128. Springer, Heidelberg (2006)
Blackburn, S.R., Gomez-Perez, D., Gutierrez, J., Shparlinski, I.E.: Reconstructing Noisy Polynomial Evaluation in Residue Rings. Journal of Algorithms (to appear)
Blackburn, S.R., Gomez-Perez, D., Gutierrez, J., Shparlinski, I.E.: Predicting Nonlinear Pseudorandom Number Generators. Mathematics of Computation 74, 1471–1494 (2004)
Blum, L., Blum, M., Shub, M.: A Simple Unpredictable Pseudo-Random Number Generator. SIAM Journal on Computing 15, 364–383 (1986)
Blum, M., Micali, S.: How to Generate Cryptographically Strong Sequences of Pseudo-Random Bits. SIAM Journal on Computing 13, 850–864 (1984)
Boneh, D., Durfee, G.: Cryptanalysis of RSA with private key d less than N^0.292. IEEE Trans. on Info. Theory 46(4), 1339–1349 (2000)
Boneh, D., Halevi, S., Howgrave-Graham, N.A.: The Modular Inversion Hidden Number Problem. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 36–51. Springer, Heidelberg (2001)
Catalano, D., Gennaro, R., Howgrave-Graham, N., Nguyen, P.: Paillier’s Cryptosystem Revisited. In: Proc. CCS 2001, November 2001, ACM, New York (2001)
Coppersmith, D.: Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities. J. of Cryptology 10, 233–260 (1997)
Coppersmith, D.: Finding Small Solutions to Low Degree Polynomials. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 20–31. Springer, Heidelberg (2001)
Dai, W.: Crypto++ 5.2.1 Benchmarks (2006), http://www.eskimo.com/~weidai/benchmarks.html
Fischlin, R., Schnorr, C.P.: Stronger Security Proofs for RSA and Rabin Bits. Journal of Cryptology 13, 221–244 (2000)
Gennaro, R.: An Improved Pseudo-Random Generator Based on the Discrete-Logarithm Problem. Journal of Cryptology 18, 91–110 (2005)
Goldreich, O.: Foundations of Cryptography, vol. I. Cambridge University Press, Cambridge (2003)
Goldreich, O., Rosen, V.: On the Security of Modular Exponentiation with Application to the Construction of Pseudorandom Generators. J. of Cryptology 16, 71–93 (2003)
Goldwasser, S., Micali, S.: Probabilistic Encryption. J. of Computer and System Sciences 28(2), 270–299 (1984)
Goldwasser, S., Micali, S., Tong, P.: Why and How to Establish a Private Code on a Public Network. In: Proc. FOCS 1982, pp. 134–144. IEEE Computer Society Press, Los Alamitos (1982)
Howgrave-Graham, N.: Finding Small Roots of Univariate Polynomials Revisited. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 131–142. Springer, Heidelberg (1997)
Impagliazzo, R., Naor, M.: Efficient Cryptographic Schemes Provably as Secure as Subset Sum. Journal of Cryptology 9, 199–216 (1996)
Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring Polynomials with Rational Coefficients. Mathematische Annalen 261, 515–534 (1982)
Lenstra, A.K., Verheul, E.R.: Selecting Cryptographic Key Sizes. J. of Cryptology 14, 255–293 (2001)
Micali, S., Schnorr, C.P.: Efficient, Perfect Polynomial Random Number Generators. J. of Cryptology 3, 157–172 (1991)
Nguyen, P.Q., Shparlinski, I.E.: The insecurity of the digital signature algorithm with partially known nonces. J. Cryptology 15, 151–176 (2002)
Nguyen, P.Q., Stern, J.: The Two Faces of Lattices in Cryptology. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol. 2146, pp. 146–180. Springer, Heidelberg (2001)
Patel, S., Sundaram, G.: An Efficient Discrete Log Pseudo Random Generator. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 304–317. Springer, Heidelberg (1998)
Sidorenko, A., Schoenmakers, B.: Concrete Security of the Blum-Blum-Shub Pseudorandom Generator. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 355–375. Springer, Heidelberg (2005)
Steinfeld, R., Pieprzyk, J., Wang, H.: On the Provable Security of an Efficient RSA-Based Pseudorandom Generator. Cryptology ePrint Archive, Report 2006/206 (2006), http://eprint.iacr.org/2006/206
Vazirani, U.V., Vazirani, V.V.: Efficient and Secure Pseudo-Random Number Generation. In: Proc. FOCS 1984, pp. 458–463. IEEE Computer Society Press, Los Alamitos (1982)
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Steinfeld, R., Pieprzyk, J., Wang, H. (2006). On the Provable Security of an Efficient RSA-Based Pseudorandom Generator. In: Lai, X., Chen, K. (eds) Advances in Cryptology – ASIACRYPT 2006. ASIACRYPT 2006. Lecture Notes in Computer Science, vol 4284. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935230_13
DOI: https://doi.org/10.1007/11935230_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49475-1
Online ISBN: 978-3-540-49476-8