New Multiplicative KnapsackType Public Key Cryptosystems Source IEICE
New Multiplicative Knapsack-Type Public Key Cryptosystems Source: IEICE Transactions on Fundamentals Vol. E 84 -A No. 1 pp. 188 -196 Jan. 2001 Author: Shinya Kiuchi, Yasuyuki Murakami, and Masao Kasahara Speaker: Lai, Yi-Peng Date: 11/10/2001 1
Research Steps n n MK Cryptosystem(1988) and SA Encoding (1972) A 輸出值的值域較小 BI 加快處理速度(切割 input message) BII 採用 lookup table (限制每個分割對 應到的 index 的 weight 為 1) 2
Definitions n n n Divisibility: <b/a>=1 if b 0 (mod a), otherwise 0. Vector exponentiation by scalar: c=ae ci=aie , i=1, 2, …, n Vector exponentiation by vector: C=ab C= aibi , i=1, 2, …, n 3
Morii-Kasahara Cryptosystem n 1. 2. 3. n 1. 2. Secret Key: Secret vector: a a=(a 1, a 2, …, an) ai 兩兩 互質 Encryption key: e gcd(e, P)=1 Decryption key: d ed 1 (mod P-1) Public key: Prime modulus: P P> ai i=1~n Public vector: c c ae (mod P) 4
Morii-Kasahara Cryptosystem( 續) n 1. 2. Encryption: Message x=(x 1, x 2, …, xn) Ciphertext C C cx (mod P) Decryption: D Cd (cx)d aexd ax (mod P) x=(<D/a 1>, <D/a 2>, …, <D/an>) 5
Schalkwijk Algorithm n Encode (s) { j=0; l=0; for (k=1~n) if (sk=1) {l=l+1; j=j+k-1 Cl} i=j; return (i); } n Decode (i, n, w) { j=i; l=w; for (k=1~n) if (j>=n-k. Cl) { j=j-n-k. Cl; l=l-1; sn-k+1=1; } else sn-k+1=0; return (s); } 6
Examples 1011 i=2, w=3 s 1=1, l=1, j=0 C 1=0; s 2=0; s 3=1, l=2, j=2 C 2=1; s 4=1, l=3, j=1+3 C 3=2; n 0011 i=5, w=2 s 1=0; s 2=0; s 3=1, l=1, j=2 C 1=2; s 4=1, l=2, j=2+3 C 2=5; n 0010 i=2, w=1 s 1=0; s 2=0; s 3=1, l=1, j=2 C 1=2; s 4=0; n 7
A Algorithm n Prime P > Max (as), s S(n, w). S is a set of n-dimensional, w-weight binary vectors. sender Message x receiver SA Decode Index(i, n, w) i s C cs mod P C receiver C D=Cd mod P D divisibility s SA Encode (s) i x 8
![BI Algorithm n Prime P > Max (a[s 1|s 2|…|sy]), sk S(nk, wk) k=1,](http://slidetodoc.com/presentation_image_h2/295512f5a7d1c4d4c9e6421ff03751d7/image-9.jpg "BI Algorithm n Prime P > Max (a[s 1|s 2|…|sy]), sk S(nk, wk) k=1,")
BI Algorithm n Prime P > Max (a[s 1|s 2|…|sy]), sk S(nk, wk) k=1, 2, …, y and n=n 1+n 2+…+ny, w=w 1+w 2+…+wy. receiver sender x 1 i 2 Message x x 2 xy iy C D=Cd mod P D divisibility s 1 s 2 s C cs mod P C sy s receiver s 1, s 2, …, sy i 1, i 2, …, iy SA Encode (si) [x 1|x 2|…|xy] 9
![BII Algorithm n n x->[x 1|x 2|…|xy], w(xi)=1 Prime P > MAX (a[s 1|s](http://slidetodoc.com/presentation_image_h2/295512f5a7d1c4d4c9e6421ff03751d7/image-10.jpg "BII Algorithm n n x->[x 1|x 2|…|xy], w(xi)=1 Prime P > MAX (a[s 1|s")
BII Algorithm n n x->[x 1|x 2|…|xy], w(xi)=1 Prime P > MAX (a[s 1|s 2|…|sy]), sk S(nk, 1) k=1, 2, …, y and n=n 1+n 2+…+ny, w=y. sender x 1 i 2 Message x x 2 xy iy C D=Cd mod P D divisibility receiver Lookup table s 1 s 2 s C cs mod P C sy s receiver s 1, s 2, …, sy i 1, i 2, …, iy SA Encode (si) [x 1|x 2|…|xy] 10
- Slides: 11
