TY - GEN

T1 - RSA/rabin bits are 1/2 + 1/poly(log N) secure

AU - Alcxi, Werner

AU - Chor, Benny

AU - Goldreich, Oded

AU - Sehnorr, Claus P.

N1 - Publisher Copyright:
© 1984 IEEE.

PY - 1984

Y1 - 1984

N2 - We prove that RSA least significant bit is 1/2 + 1/logcN secure, for any constant c (where N is the RSA modulus). This means that an adversary, given the ciphertext, cannot guess the least significant bit of the plaintext with probability better than 1/2+ 1/logcN unless he can break RSA. Our proof technique is strong enough to give, with slight modifications, the following related results: 1) The log log N least significant bits are simultaneously 1/2 + 1/logcN secure. 2) The above also holds for Rabin's encryption function. Our results imply that Rabin/RSA encryption can be directly used for pseudo random bits generation, provided that factoring/inverting RSA is hard.

AB - We prove that RSA least significant bit is 1/2 + 1/logcN secure, for any constant c (where N is the RSA modulus). This means that an adversary, given the ciphertext, cannot guess the least significant bit of the plaintext with probability better than 1/2+ 1/logcN unless he can break RSA. Our proof technique is strong enough to give, with slight modifications, the following related results: 1) The log log N least significant bits are simultaneously 1/2 + 1/logcN secure. 2) The above also holds for Rabin's encryption function. Our results imply that Rabin/RSA encryption can be directly used for pseudo random bits generation, provided that factoring/inverting RSA is hard.

UR - http://www.scopus.com/inward/record.url?scp=85049234498&partnerID=8YFLogxK

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85049234498

T3 - Proceedings - Annual IEEE Symposium on Foundations of Computer Science, FOCS

SP - 449

EP - 457

BT - 25th Annual Symposium on Foundations of Computer Science, FOCS 1984

PB - IEEE Computer Society

Y2 - 24 October 1984 through 26 October 1984

ER -