Determining the Optimal Random-padding Size for Rabin Cryptosystems
Masahiro Kaminaga, Toshinori Suzuki, Masaharu Fukase
TL;DR
This paper analyzes the shortpad attack on Rabin cryptosystems and derives a formula to determine the optimal padding size that balances security and efficiency.
Contribution
It provides a new formula to calculate the optimal random-padding size to prevent shortpad attacks in Rabin encryption.
Findings
Derived processing-time formula for shortpad attack
Determined optimal padding size for security
Enhanced understanding of padding security criteria
Abstract
Rabin encryption and a secure ownership transfer protocol based on the difficulty of factorization of a public key use a small public exponent. Such encryption requires random number padding. The Coppersmith's shortpad attack works effectively on short padding, thereby allowing an adversary to extract the secret message. However, the criteria for determining the appropriate padding size remains unclear. In this paper, we derived the processing-time formula for the shortpad attack and determined the optimal random-padding size in order to achieve the desired security.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptography and Data Security · Cryptographic Implementations and Security · Chaos-based Image/Signal Encryption