A Variant of the Schmidt-Takagi Encryption Scheme

Schmidt and Takagi proposed a variant of the Paillier encryption scheme which employs modulus n = pq [16]. Their scheme has a good property that the one-wayness is under the factoring assumption, and has an additively homomorphic property. Their scheme can be applied to trapdoor commitment and on-line/off-line signature. In this paper, we propose a new variant of the Schmidt-Takagi encryption scheme described as Et(r,m) = r s (1 + mn) mod n, where n, s, t are the public key, m a message, and r a random number. Our scheme has the one-wayness under the chosen plaintext attack based on the factoring problem, and the indistinguishability under the chosen plaintext attack based on the desicional composite residuosity problem. Our scheme implies the Schmidt-Takagi encryption scheme when s = t = 1. Compared with the Damg̊ard-Jurik encryption scheme, although the modulus of our schemes employs n = pq (their scheme employs n = pq), the encryption and decryption speed of our scheme is faster than that of their scheme. Furthermore, we get that Et is additively homomorphic in m if t ≥ ⌈(s+1)/2⌉. In addition, by adding a parameter t we have some properties closely related to homomorphic, which can be applied to cryptographic applications [9].