Cryptanalysis of the immunized LL public key systems

Abstract

In CRYPTO’ 93 Lim and Lee provided a valuable investigation of public key encryption systems secure against adaptive chosen ciphertext attacks. In this paper we identify several insecurities of both their RSA and El Gamal based schemes. We first demonstrate that the RSA based scheme is insecure under an adaptive chosen ciphertext attack. We also point weaknesses in the design of both their RSA and El Gamal based schemes regarding the use of pseudorandom-generators, and in particular show that their choice of pseudorandom-generators for the RSA based scheme may be insecure even with respect to a known ciphertext only attack. They further claim that their schemes are particularly useful in the context of group-oriented cryptosystems due to the unique verification method used. (In fact their scheme is the only group-oriented practical encryption claimed to be secure against chosen ciphertext attacks). Group oriented cryptosystems distribute the decryption process amongst a multiple of individuals in order to provide a mechanism in which no single person is trusted. We further demonstrate that both their schemes are completely insecure in this setting.