Cryptography in Subgroups of $\mathbb{Z}_{n}^{*}$ [chapter]

Jens Groth
2005 Lecture Notes in Computer Science  
We demonstrate the cryptographic usefulness of a small subgroup of Z * n of hidden order. Cryptographic schemes for integer commitment and digital signatures have been suggested over large subgroups of Z * n , by reducing the order of the groups we obtain quite similar but more efficient schemes. The underlying cryptographic assumption resembles the strong RSA assumption. We analyze a signature scheme known to be secure against known message attack and prove that it is secure against adaptive
more » ... osen message attack. This result does not necessarily rely on the use of a small subgroup, but the small subgroup can make the security reduction tighter. We also investigate the case where Z * n has semi-smooth order. Using a new decisional assumption, related to high residuosity assumptions, we suggest a homomorphic public-key cryptosystem.
doi:10.1007/978-3-540-30576-7_4 fatcat:uhfdf4v7cfh4vld7yrhhcoyfsu