The Mathematics of Public-Key Cryptography, Lecture 9

October 10, 2000

Summary of material covered in lecture 9

• extracting square roots modulo a prime
  • formula when p = 3 mod 4
  • no known poly-time deterministic algorithm when p = 1 mod 4
• Rabin cryptosystem (special case, B=0)
  • decryption algorithm, assuming p,q = 3 mod 4
  • Turing reductions
  • equivalence of breaking Rabin to factoring n
• introduction to semantic security
  • the Jacobi symbol of the plaintext is revealed by RSA ciphertext
  • the parity of the plaintext is not revealed by RSA ciphertext (proof to be given next lecture)
  • goal of semantic security: no information about the plaintext should be revealed by the ciphertext in polynomial time