Skip to main content
Conference ProceedingsOPEN ACCESS

The RSA group is pseudo-free

Lecture Notes in Computer Science (2005) 3494 387-403
DOI: 10.1007/11426639_23
8Citations
Citations of this article
28Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We prove, under the strong RSA assumption, that the group of invertible integers modulo the product of two safe primes is pseudo-free. More specifically, no polynomial time algorithm can output (with non negligible probability) an unsatisfiable system of equations over the free abelian group generated by the symbols g1, ⋯, gn, together with a solution modulo the product of two randomly chosen safe primes when g 1, ⋯, gn are instantiated to randomly chosen quadratic residues. Ours is the first provably secure construction of pseudo-free abelian groups under a standard cryptographic assumption, and resolves a conjecture of Rivest (TCC 2004). © International Association for Cryptologic Research 2005.

Cite

CITATION STYLE

APA

Micciancio, D. (2005). The RSA group is pseudo-free. In Lecture Notes in Computer Science (Vol. 3494, pp. 387–403). Springer Verlag. https://doi.org/10.1007/11426639_23

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free