Scribd
Upload
13 views

Paillier Encryption

Uploaded by

bcs07183008
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
13 views

Paillier Encryption

Uploaded by

bcs07183008
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Paillier encryption

introduction
• It is invented by and named after Pascal Paillier in 1999
• It is a probabilistic asymmetric algorithm
• It is a partial homomorphic encryption scheme which allows
two types of computation:
• Addition of two ciphertexts
• Multiplication of a ciphertext by a plaintext number
• Public key cryptography
• It allows two plaintext
Algorithm
• The basic public key encryption scheme has three stages:
• Generate a public-private key pair
• Encrypt a number
• Decrypt a number
Key generation:
• Pick two large prime numbers p and q, randomly and independently
• Confirm that gcd(p×q,(p−1)×(q−1)) is 1. If not, start again.
• Compute n = p × q.
• Compute λ as lcm(p−1, q−1) where lcm(.) means least common multiple.
• Pick a random integer g in the set 𝒁 𝒏𝟐 ∗ (integers between 1 and n 2 ).
• Calculate the modular multiplicative inverse μ = (L(gλ mod n2 ))−1 mod n).
• If μ does not exist, start again from step 1.
• Where the function L(u) = (u−1) / n (quotient of integer division).
• The public key =(n,g). Use this for encryption.
• The private key =(λ, μ). Use this for decryption.
Encryption
• Paillier Encryption Scheme:
• Pick a random number r in the range 0 < r < n.
• Compute the ciphertext
• c = gm × rn mod n2 .
Decryption
• Paillier Decryption Scheme:
• Compute the plaintext
• m = L(cλ mod n2 ) × μ mod n.
Example
• Take two prime numbers
• p=7
• q = 11
• m= 42
• r = 23
• g = 5652
• n=pxq
• n= 77
Encryption
• c = gm × rn mod n2 .
• C = [(5652^ 42 )x (23^77) mod 5929]
• = 4624 (mod 5929)
• = 4624
Decryption
• m = L(cλ mod n2 ) × μ mod n.
• λ = lcm(6,10)
• = 30
• We have to find L and μ ??
• Define L(u) = u-1/n
• μ = (L(gλ mod n2 ))−1 mod n).
• μ =k-1 mod n
• what is k?
Decryption
• k = (L(gλ mod n2 )) i.e L(u) = L(gλ mod n2 )
• So k= L(u)
• k = (L(gλ mod n2 ))
• = L(5652^30 mod 5929)
• =L(3928)
• L(u) = u-1 /n
• = (3928-1)/77
• = 51
Decryption
• Compute inverse of k
• μ = (L(gλ mod n2 ))−1 mod n).
• μ=k-1 mod n
• =51-1 = 74 mod 77
• Now compute m
• m = L(cλ mod n2 ) × μ mod n
• = L(4624^30 (mod 5929). 74 (mod 77)
• = 4852.74 (mod77)
• =42

You might also like