A new public - key cryptosystem over quadratic orderswith quadratic decryption timeSachar

We present a new cryptosystem based on ideal arithmetic in quadratic orders. The method of our trapdoor is diierent from the Diie-Hellman key distribution scheme or the RSA cryp-tosystem. The plaintext m is encrypted by mp r , where p is a xed element and r is a random integer, so our proposed cryptosystem is a probabilistic encryption scheme and has the ho-momorphy property. The most prominent property of our cryptosystem is the cost of the decryption, which is of quadratic bit complexity in the length of the public key. Our implementation shows that it is comparably as fast as the encryption time of the RSA cryptosystem with e = 2 16 + 1. The security of our cryptosystem is closely related to factoring the discrimi-nant of a quadratic order. When we choose appropriate sizes of the parameters, the currently known fast algorithms, for examples, the elliptic curve method, the number eld sieve, the Hafner-McCurley algorithm, are not applicable. We also discuss that the chosen ciphertext attack is not applicable to our cryptosystem. 1 Overview Plenty of public key cryptosystems have been proposed, and the Diie-Hellman key distribution scheme or the RSA cryptosystem are mostly used throughout the world 9] 22]. Typically, these public key cryptosystems involve a modular exponentiation with a large number, which is of cubic bit complexity in the bit length of the public key and its computation is relatively slow. On the other side, for the sake of high security the secret keys are stored on a smart card and the decryption computation is also carried out over the smart card. So a cryptosystem with fast decryption is desired. To our knowledge, there exists no practical public key cryptosystem which has quadratic decryption time. In this paper, we present a new cryptosystem with fast decryption time. The decryption is of quadratic bit complexity; it involves an extended Euclidean algorithm computation, an ideal reduction and a few basic operations like multiplication and division with remainder of numbers. By the experiment of our implementation, our cryptosystem is comparably as fast as the encryption time of the RSA cryptosystem with e = 2 16 + 1. Our cryptosystem is constructed over an imaginary quadratic eld. Buchmann and Williams proposed the rst algorithm which achieves the Diie-Hellman key distribution scheme using the class group in an imaginary quadratic eld 4]. Later, Hafner and McCurley discovered the sub-exponential algorithm against the …