Abstract

The notion of pseudo-freeness of a group was introduced by Hohenberger, and formalized by Rivest in order to unify cryptographic assumptions. Catalano, Fiore and Warinschi proposed the adaptive pseudo-free group as a generalization of pseudo-free group. They showed that the RSA group \(\mathbb{Z}_N^\times\) is pseudo-free even if the adversary against pseudo-freeness is allowed to operate adaptively, provided that the adaptive behavior of the adversary is restricted by some specific parametric distribution. They also proposed the notion of strong adaptive pseudo-freeness in which the adaptive behavior of the adversary is not restricted. However, it remains open whether \(\mathbb{Z}_N^\times\) is also strongly-adaptive pseudo-free under the strong RSA (SRSA) assumption.In this paper, we give a negative circumstantial evidence for the question. We show that the SRSA assumption does not imply the strong adaptive pseudo-freeness of \(\mathbb{Z}_N^\times\), as far as the algebraic reduction is concerned. The algebraic reduction means that the algorithm of the black-box reduction performs only group operations for elements in \(\mathbb{Z}_N^\times\). Our result indicates that the strong adaptive pseudo-freeness for the RSA group \(\mathbb{Z}_N^\times\) cannot be shown under the SRSA assumption, by employing only current proof techniques which are used in ordinary security proofs.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.