Determining the Optimal Random-padding Size for Rabin Cryptosystems
This work addresses a security gap in Rabin cryptosystems for cryptographic applications, but it is incremental as it builds on known attacks to refine padding criteria.
The paper tackled the problem of determining the appropriate random-padding size for Rabin cryptosystems to resist Coppersmith's shortpad attacks, resulting in a derived formula for processing time and identification of an optimal padding size for desired security.
Rabin encryption and a secure ownership transfer protocol based on the difficulty of factorization of a public key use a small public exponent. Such encryption requires random number padding. The Coppersmith's shortpad attack works effectively on short padding, thereby allowing an adversary to extract the secret message. However, the criteria for determining the appropriate padding size remains unclear. In this paper, we derived the processing-time formula for the shortpad attack and determined the optimal random-padding size in order to achieve the desired security.