More efficient DDH pseudorandom generators
Pages 45 - 64
Abstract
In this paper, we first show a DDH Lemma, which states that a multi-variable version of the decisional Diffie---Hellman problem is hard under the standard DDH assumption, where the group size is not necessarily known. Our proof, based on a self-reducibility technique, has a small reduction complexity. Using DDH Lemma, we extend the FSS pseudorandom generator of Farashahi et al. to a new one. The new generator is almost twice faster than FSS while still provably secure under the DDH assumption. Using the similar technique for the RSA modulus, we improve the Goldreich---Rosen generator. The new generator is provably secure under the factoring assumption and DDH assumption over $${\mathbb{Z}_N^*}$$ . Evidently, to achieve the same security level, different generators may have different security parameters (e.g., distinct length of modulus). We compare our generators with other generators under the same security level. For simplicity, we make comparisons without any pre-computation. As a result, our first generator is the most efficient among all generators that are provably secure under standard assumptions. It has the similar efficiency as Gennaro generator, where the latter is proven secure under a non-standard assumption. Our second generator is more efficient than Goldreich---Rosen generator.
References
[1]
Alexi W., Chor B., Goldreich O., Schnorr C.: RSA and Rabin functions: certain parts are as hard as the whole. SIAM J. Comput. 17 (2), 194-209 (1988).
[2]
Bellare M., Boldyreva A., Micali S.: Public-key encryption in a multi-user setting: security proofs and improvements. In: Advances in Cryptology-EUROCRYPT'00. LNCS, vol. 1807, pp. 259-274 (2000).
[3]
Bellare M., Boldyreva A., Kurosawa K., Staddon J.: Multi-recipient encryption schemes: efficient constructions and their security. IEEE Trans. Inform. Theory 53 (11), 3927-3943 (2007).
[4]
Berbain C., Gilbert H., Patarin J.: QUAD: a practical stream cipher with provable security. In: Advances in Cryptology-EUROCRYPT 2006. LNCS, vol. 4004, pp. 109-128 (2006).
[5]
Blum M., Micali S.: How to generate cryptographically strong sequences of pseudorandom bits. SIAM J. Comput. 13 (4), 850-864 (1984).
[6]
Blum L., Blum M., Shub M.: A Simple unpredictable pseudorandom number generator. SIAM J. Comput. 15 (2), 364-383 (1986).
[7]
Boneh D.: The decision Diffie-Hellman problem. In: The Third Algorithmic Number Theory Symposium. LNCS, vol. 1423, pp. 48-63 (1998).
[8]
Boneh D., Halevi S., Howgrave-Graham N.A.: The modular inversion hidden number problem. In: Advances in Cryptology-ASIACRYPT 2001. LNCS, vol. 2248, pp. 36-51 (2001).
[9]
Chevassut O., Fouque P.A., Gaudry P., Pointcheval D.: Key derivation and randomness extraction. Cryptology ePrint archive. Report 2005/061 (2005). http://eprint.iacr.org/2005/061.pdf.
[10]
Diffie W., Hellman M.: New directions in cryptography. IEEE Trans. Inf. Theory 22 (6), 644-654 (1976).
[11]
Farashahi R.R., Schoenmakers B., Sidorenko A.: Efficient pseudo-random generators based on the DDH assumption. In: PKC 2007. LNCS, vol. 4450, pp. 426-441 (2007).
[12]
Fischlin R., Schnorr C.: Stronger security proofs for RSA and Rabin bits. J. Cryptol. 13 (2), 221-244 (2000).
[13]
Gennaro R.: An improved pseudo-random generator based on the discrete logarithm problem. J. Cryptol. 18 (2), 91-110 (2006).
[14]
Goldreich O., Goldwasser S., Micali S.: How to construct random functions. J. ACM 33 (4), 792-807 (1986).
[15]
Goldreich O., Rosen V.: On the security of modular exponentiation with application to the construction of pseudorandom generators. J. Cryptol. 16 (2), 71-93 (2003).
[16]
Goldreich O., Wigderson A.: Tiny family of functions with random properties: a quality-size tradeoff forhashing. In: ACM STOC'94. pp. 574-584 (1994).
[17]
Goldwasser S., Micali S.: probabilistic encryptions. J. Comput. Syst. Sci. 28 (2), 270-299 (1984). Priliminary version appears in STOC'82.
[18]
Gonzalez VascoM.I., Naslund M., Shparlinski I.E.: New results on the hardness of Diffie-Hellman bits. In: PKC 2004. LNCS, vol. 2947, pp. 159-172 (2004).
[19]
Håstad J., Impagliazzo R., Levin L., Luby M.: A pseudo-random generator from any one-way function. SIAM J. Comput. 28 (4), 1364-1396 (1999).
[20]
Impagliazzo R., NaorM.: Efficient cryptographic schemes provably as secure as subset sum. J. Cryptol. 9 (4), 199-216, (1996).
[21]
Jiang S.: Efficient primitives from exponentiation in Zp. In: Information Security and privacy: 11th Australasian Conference--ACISP 2006. LNCS, vol. 4058, pp. 259-270 (2006).
[22]
Jiang S., Gong G.: Security of a server-assisted group password-authenticated key exchange protocol. Technical Report CACR 2005-17 (2005). http://www.cacr.math.uwaterloo.ca.
[23]
Juels A., Jakobsson M., Shriver E., Hillyer B.K.: How to turn loaded dice into fair coins. IEEE Trans. Inform Theory 46 (3), 911-921 (2000).
[24]
Lenstra A.K., Verheul E.R.: Selecting cryptographic key sizes. J. Cryptol. 14 (4), 255-293 (2001).
[25]
Lim C., Lee P.: More flexible exponentiation with precomputation. In: Advances in Cryptology-CRYPTO 1994. LNCS, vol. 839, pp. 95-107 (1994).
[26]
Long D.L., Wigderson A.: How discreet is the discrete log. In: ACM STOC. pp. 413-420 (1983).
[27]
Luby M., Rackoff C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17 (2), 373-386 (1988).
[28]
Naor M.: Bit commitment using pseudorandomness. J. Cryptol. 4 (2), 151-158 (1991).
[29]
Patel S., Sundaram G.S.: An efficient discrete log pseudo random generator. In: Advances in Cryptology-CRYPTO 1998. LNCS, vol. 1462, pp. 304-317 (1998).
[30]
Peralta R.: Simultaneous security of bits in the discrete Log. In: Advances in Cryptology-EUROCRYPT 1985. LNCS, vol. 219, pp. 62-72 (1986).
[31]
Shaltiel R.: Recent developments in explicit constructions of extractors. In: Bull. Eur. Assoc. Theory Comput. Sci., pp. 67-95 (2002).
[32]
Shoup V.: Lower bounds for discrete logarithms and related problems. In: Advances in Cryptology-EUROCRYPT 1997. LNCS, vol. 1233, pp. 256-266 (1997).
[33]
Shoup V.: On formal models for secure key exchange. http://philby.ucsd.edu/cryptolib/1999.html.
[34]
Sidorenko A., Schoenmakers B.: Concrete security of the blum-blum-shub pseudorandom generator. In: Cryptography and Coding 2005. LNCS, vol. 3796, pp. 355-375 (2005).
[35]
Steinfeld R., Pieprzyk J., Wang H.: On the provable security of an efficient RSA-based pseudorandom generator. In: Advances in Cryptology-ASIACRYPT 2006. LNCS, vol. 4284, pp. 194-209 (2006).
[36]
Wullschleger J.: Oblivious transfer amplification, PhD Thesis, ETH, 2006. http://arxiv.org/abs/cs/ 0608076.
[37]
Yao A.: Theory and applications of trapdoor functions. In: IEEE FOCS. pp. 80-91 (1982).
- More efficient DDH pseudorandom generators
Recommendations
Efficient discrete logarithm based multi-signature scheme in the plain public key model
In this paper, we provide a new multi-signature scheme that is proven secure in the plain public key model. Our scheme is practical and efficient according to computational costs, signature size and security assumptions. At first, our scheme matches the ...
On the provable security of an efficient RSA-Based pseudorandom generator
ASIACRYPT'06: Proceedings of the 12th international conference on Theory and Application of Cryptology and Information SecurityPseudorandom Generators (PRGs) based on the RSA inversion (one-wayness) problem have been extensively studied in the literature over the last 25 years. These generators have the attractive feature of provable pseudorandomness security assuming the ...
An efficient signcryption for data access control in cloud computing
Data storage is one of main services in cloud computing. How to ensure the confidentiality and authorized access of data is the central issue of data storage. In this paper, we propose a novel data access control scheme that can simultaneously achieve ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © Copyright © 2010 Springer Science+Business Media, LLC.
Publisher
Kluwer Academic Publishers
United States
Publication History
Published: 01 April 2010
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 17 Nov 2024
Other Metrics
Citations
View Options
View options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in