Abstract
It is known that given a composite integer $N = p_1 p_2$ with $p_1 \equiv p_2 \equiv 3 \pmod 4$, and a quadratic residue $q$ modulo $N$, guessing the least significant bit of a square root of $q$ with any non-negligible advantage is as hard as factoring $N$.
In this paper we extend the above result to multi-prime moduli $N = p_1 p_2 \cdots p_l$ with $p_1 \equiv p_2 \equiv \cdots \equiv p_l \equiv 3 \pmod 4$. We show that given $N$ and a quadratic residue $q$ modulo $N$, guessing the least significant bit of a square root of $q$ is as hard as completely factoring $N$. Furthermore, the difficulty of guessing the least significant bit of the square root of $q$ remains unchanged even when all but two of the prime factors of $N$, namely $p_3, \ldots, p_l$, are known. The result is useful in designing multi-party cryptographic protocols.
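The following worked example is added here to make the abstract's setting concrete; it is not code from the paper and it does not implement the paper's reduction from a least-significant-bit oracle to factoring. It builds a toy modulus $N$ from four constructed Blum primes (all $\equiv 3 \pmod 4$), enumerates the $2^l$ square roots of a quadratic residue $q$, isolates the one root that is itself a quadratic residue (the root whose least significant bit is at issue), shows the classical fact that two essentially different square roots yield a factor of $N$, and shows why knowing $p_3, \ldots, p_l$ reduces everything except the two-prime problem to easy computations. All constants, names and the sample value of $q$ are assumptions made for illustration.

```python
"""Setting of the abstract: a multi-prime Blum modulus N = p_1 ... p_l
(every p_i = 3 mod 4), quadratic residues mod N, their square roots, and
the link between square roots and factoring. Added illustration, not the
paper's reduction. PRIMES are constructed toy values; real parameters use
primes of hundreds of bits."""
from math import gcd, prod
from typing import Optional

# Constructed toy Blum primes (each is prime and = 3 mod 4; checked at runtime).
PRIMES = [10007, 10039, 10079, 10091]
N = prod(PRIMES)


def is_blum_prime(p: int) -> bool:
    """Trial-division primality test plus the p = 3 (mod 4) condition."""
    if p < 3 or p % 4 != 3:
        return False
    return all(p % d for d in range(2, int(p ** 0.5) + 1))


def is_qr(a: int, p: int) -> bool:
    """Euler's criterion: a is a quadratic residue mod prime p iff a^((p-1)/2) = 1."""
    return pow(a % p, (p - 1) // 2, p) == 1


def sqrt_mod_blum_prime(a: int, p: int) -> int:
    """For p = 3 (mod 4) and a a QR mod p, a^((p+1)/4) is a square root of a
    and is itself a QR mod p (the 'principal' root)."""
    if not is_qr(a, p):
        raise ValueError(f"{a} is not a quadratic residue mod {p}")
    return pow(a % p, (p + 1) // 4, p)


def crt(residues, moduli) -> int:
    """Chinese remainder theorem for pairwise coprime moduli."""
    n = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        mi = n // m
        x += r * mi * pow(mi, -1, m)
    return x % n


def all_square_roots(q: int, primes) -> list:
    """All 2^l square roots of q mod prod(primes): one sign choice per prime."""
    roots = [sqrt_mod_blum_prime(q, p) for p in primes]
    out = []
    for mask in range(1 << len(primes)):
        comps = [(-r if (mask >> i) & 1 else r) % p
                 for i, (r, p) in enumerate(zip(roots, primes))]
        out.append(crt(comps, primes))
    return sorted(out)


def principal_root(q: int, primes) -> int:
    """The unique square root of q that is itself a QR mod N. Squaring permutes
    the quadratic residues of a Blum integer, so this root is well defined."""
    return crt([sqrt_mod_blum_prime(q, p) for p in primes], primes)


def lsb_of_principal_root(q: int, primes) -> int:
    """The bit whose unpredictability the paper relates to factoring N."""
    return principal_root(q, primes) & 1


def factor_from_two_roots(n: int, x: int, y: int) -> Optional[int]:
    """If x^2 = y^2 (mod n) but x != +-y (mod n), then gcd(x - y, n) is a
    proper factor: anything that finds square roots also factors."""
    if (x * x - y * y) % n != 0 or (x - y) % n == 0 or (x + y) % n == 0:
        return None
    g = gcd(x - y, n)
    return g if 1 < g < n else None


def residual_modulus(n: int, known) -> int:
    """Partial factorization: dividing out the known primes p_3, ..., p_l
    leaves M = p_1 p_2, the two-prime modulus of the earlier result."""
    m = n
    for p in known:
        if m % p:
            raise ValueError(f"{p} does not divide the modulus")
        m //= p
    return m


def lift_root(q: int, n: int, known, root_mod_m: int) -> int:
    """Given a square root of q mod M = n / prod(known), roots mod the known
    primes are easy and CRT yields a root mod n: with p_3..p_l known, only
    the two-prime problem mod M is left."""
    m = residual_modulus(n, known)
    comps = [root_mod_m] + [sqrt_mod_blum_prime(q, p) for p in known]
    return crt(comps, [m] + list(known))


if __name__ == "__main__":
    assert all(is_blum_prime(p) for p in PRIMES)
    x = 123456789                 # constructed sample, coprime to N
    q = x * x % N                 # a quadratic residue mod N
    roots = all_square_roots(q, PRIMES)
    print(f"{len(PRIMES)} Blum primes, q has {len(roots)} square roots")
    print("LSB of principal root:", lsb_of_principal_root(q, PRIMES))
    print("factor from two roots:", factor_from_two_roots(N, roots[0], roots[1]))
    known = PRIMES[2:]
    r_m = principal_root(q % residual_modulus(N, known), PRIMES[:2])
    print("lifted root squares to q:", lift_root(q, N, known, r_m) ** 2 % N == q)
```

The square-root-to-factor step is the classical Rabin argument and is what makes "as hard as factoring" the natural benchmark; the paper's contribution, which this example does not reproduce, is that even a single least-significant bit of the principal root is already that hard, and that the partial-factorization case collapses to the two-prime case exactly as `residual_modulus` and `lift_root` suggest.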
Supported in part by an IBM Graduate Fellowship and a Bantrell Postdoctoral Fellowship.
Supported in part by a Weizmann Postdoctoral Fellowship. On leave from the Computer Science Dept., Technion.
Supported in part by an IBM Faculty Development Award (1984) and NSF Grant DCR-8509905.
Keywords
- Quadratic Residue
- Partial Factorization
- Uniform Probability Distribution
- Jacobi Symbol
- Probabilistic Polynomial Time Algorithm
© 1986 Springer-Verlag Berlin Heidelberg
Cite this paper
Chor, B., Goldreich, O., Goldwasser, S. (1986). The Bit Security of Modular Squaring given Partial Factorization of the Modulos. In: Williams, H.C. (eds) Advances in Cryptology — CRYPTO ’85 Proceedings. CRYPTO 1985. Lecture Notes in Computer Science, vol 218. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39799-X_35
DOI: https://doi.org/10.1007/3-540-39799-X_35
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-16463-0
Online ISBN: 978-3-540-39799-1