RSA-type Encryption Schemes Against CPA and CCA2 in Standard Model

GONG Lin-ming; LI Shun-dong; DOU Jia-wei; WANG Dao-shun

doi:10.3969/j.issn.0372-2112.2018.08.019

您当前的位置：

首页 >

文章列表页 >

RSA-type Encryption Schemes Against CPA and CCA2 in Standard Model

更新时间：2025-07-16

- RSA-type Encryption Schemes Against CPA and CCA2 in Standard Model
- Acta Electronica Sinica Vol. 46, Issue 8, Pages: 1938-1946(2018)
- 作者机构：
  
  1. 西安工程大学计算机科学学院,陕西,西安,710048
  2. 陕西师范大学计算机科学学院,陕西,西安,710062
  3. 陕西师范大学数学与信息科学学院,陕西,西安,710062
  4. 清华大学计算机科学与技术系,北京,100084
  5. 西安工程大学计算机科学学院,陕西,西安,710048
  6. 陕西师范大学计算机科学学院,陕西,西安,710062
  7. 陕西师范大学数学与信息科学学院,陕西,西安,710062
  8. 清华大学计算机科学与技术系,北京,100084
- 作者简介：
- 基金信息：
  
  National Natural Science Foundation of China (No.61272435, 61373020);Doctoral Research Fund of Xi’an Polytechnic University (No.107020331)
- DOI：10.3969/j.issn.0372-2112.2018.08.019
  CLC： TP309
- Published Online：25 August 2018，
  
  Published：2018
- 稿件说明：
移动端阅览
GONG Lin-ming, LI Shun-dong, DOU Jia-wei, et al. RSA-type Encryption Schemes Against CPA and CCA2 in Standard Model[J]. Acta Electronica Sinica, 2018, 46(8): 1938-1946.
DOI：

GONG Lin-ming, LI Shun-dong, DOU Jia-wei, et al. RSA-type Encryption Schemes Against CPA and CCA2 in Standard Model[J]. Acta Electronica Sinica, 2018, 46(8): 1938-1946. DOI： 10.3969/j.issn.0372-2112.2018.08.019.

摘要

RSA型加密系统（RSA加密系统及其改进系统的统称）至今仍然被广泛应用于许多注重电子数据安全的电子商务系统中.然而对现有的RSA型加密方案分析发现：（1）只有在随机谕言机模型下抗CCA2攻击的RSA型加密方案，还没有在标准模型下实现IND-CCA2安全的RSA型概率加密方案；（2）没有在标准模型下实现抗CPA且保持乘法同态性的RSA型同态加密方案，而同态性是实现安全多方计算和云计算安全服务的重要性质之一；（3）在实现密文不可区分方面，这些方案除HD-RSA外都是通过一个带hash的Feistel网络引入随机因子的，从而导致这些方案只能在随机谕言机模型下实现IND-CCA2安全.针对以上问题，本文在RSA加密系统的基础上，通过增加少量的有限域上的模指数运算，设计了一个标准模型下具有IND-CPA安全的RSA型概率同态加密方案和一个具有IND-CCA2安全的RSA型概率加密方案.这两个方案在实现密文不可区分时，都不再通过明文填充引入随机因子.此外，本文还提出一个RSA问题的变形问题（称作RSA判定性问题）.

Abstract

RSA and its modified schemes (which are called by a joint name

RSA-type encryption schemes) are still deployed in many commercial systems where data security is very important.Analyzing RSA-type encryption schemes

we find that:(1) to the best of our knowledge

all these schemes are merely secure against adaptive chosen-ciphertext attack(CCA2) in the random oracle(RO) model

and there is no RSA-type schemes yet that is indistinguishable under adaptive chosen-ciphertext attack in the standard model;(2) there is no RSA-type scheme that is secure against chosen plaintext attack(CPA) but keeping multiplicative homomorphism

whereas encryption schemes with homomorphism are important for secure multi-party computations and secure cloud services;(3) except for the Hybrid Dependent RSA(HD-RSA)

all the schemes introduce randomness into ciphertext by a Feistel network with hash functions;hence

this brings all the schemes to achieve IND-CCA2 security merely in RO model.In this paper

we propose two RSA-type encryption schemes that only need a few more modular arithmetic operations.One is indistinguishable against chosen plaintext attack with homomorphism

while another is indistinguishable against adaptive chosen ciphertext attack in standard model.Both schemes are probabilistic without plaintext padding.Furthermore

we propose a new variant RSA problem

which is called RSA decisional problem(denote by DRSA).

关键词

Keywords

references

Views

361

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Private Intersection-Sum Computation

Provably Secure Group Signature Scheme with Verifier-Local Revocation in the Standard Model

Escrowable Identity-Based Authenticated Key Agreement in the Standard Model

CCA2 Secure Fuzzy Identity-Based Encryption with Constant Size Ciphertexts in the Standard Model

Related Author

JIA Zhu-liang

ZHAO Xue-ling

LI Shun-dong

ZHANG Yi-chen

SUN Gang

LI Ji-guo

CHEN Ming

LIU Xi-meng

Related Institution

河海大学计算机与信息学院

School of Mathematics and Computer Science, Yichun University

School of Mathematics and Computer Science Yichun University Yichun Jiangxi China

Shaanxi Key Laboratory of Network and System Security Xidian University Xi'an Shaanxi China

School of Telecommunication Engineering Xidian University Xi'an Shaanxi China

⁰