The Bit Security of Modular Squaring given Partial Factorization of the Modulos

Benny Chor, Oded Goldreich, Shafi Goldwasser

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

It is known that given a composite integer $N = p_1 p_2$ (such that $p_1 \equiv p_2 \equiv 3 \pmod 4$), and $q$ a quadratic residue modulo $N$, guessing the least significant bit of a square root of $q$ with any non-negligible advantage is as hard as factoring $N$. In this paper we extend the above result to multi-prime numbers $N = p_1 p_2 \cdots p_l$ (such that $p_1 \equiv p_2 \equiv \cdots \equiv p_l \equiv 3 \pmod 4$). We show that given $N$ and $q$, a quadratic residue mod $N$, guessing the least significant bit of a square root of $q$ is as hard as completely factoring $N$. Furthermore, the difficulty of guessing the least significant bit of the square root of $q$ remains unchanged even when all but two of the prime factors of $N$, $p_3, \ldots, p_l$, are known. The result is useful in designing multi-party cryptographic protocols.

Original language: English
Title of host publication: Advances in Cryptology — CRYPTO 1985 - Proceedings
Editors: Hugh C. Williams
Publisher: Springer Verlag
Pages: 448-457
Number of pages: 10
ISBN (Print): 9783540164630
State: Published - 1986
Externally published: Yes
Event: 5th Annual International Cryptology Conference, CRYPTO 1985 - Santa Barbara, United States
Duration: 18 Aug 1985 → 22 Aug 1985

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 218 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 5th Annual International Cryptology Conference, CRYPTO 1985
Country/Territory: United States
City: Santa Barbara
Period: 18/08/85 → 22/08/85
