**The REESSE1+ Public Key Cryptosystem v 2.21**

*Shenghui Su and Shuwang Lv*

**Abstract: **In this paper, the authors give the definitions of a coprime sequence and a lever function, and describe the five algorithms and six characteristics of a prototypal public key cryptosystem which is used for encryption and signature, and based on three new problems and one existent problem: the multivariate permutation problem (MPP), the anomalous subset product problem (ASPP), the transcendental logarithm problem (TLP), and the polynomial root finding problem (PRFP). Prove by reduction that MPP, ASPP, and TLP are computationally at least equivalent to the discrete logarithm problem (DLP) in the same prime field, and meanwhile find some evidence which inclines people to believe that the new problems are harder than DLP each, namely unsolvable in DLP subexponential time. Demonstrate the correctness of the decryption and the verification, deduce the probability of a plaintext solution being nonunique is nearly zero, and analyze the exact securities of the cryptosystem against recovering a plaintext from a ciphertext, extracting a private key from a public key or a signature, and forging a signature through known signatures, public keys, and messages on the assumption that IFP, DLP, and LSSP can be solved. Studies manifest that the running times of effectual attack tasks are greater than or equal to O(2^n) so far when n = 80, 96, 112, or 128 with lg M = 696, 864, 1030, or 1216. As viewed from utility, it should be researched further how to decrease the length of a modulus and to increase the speed of the decryption.

**Category / Keywords: **Public key cryptography / Coprime sequence; Lever function; Bit shadow; Digital Signature; Double congruence theorem; Transcendental logarithm problem; Provable Security; Polynomial time Turing reduction

**Original Publication**** (with minor differences): **Theoretical Computer Science, v426-427, Apr. 2012, pp. 91-117.

**Date: **received 15 Nov 2006, last revised 1 Nov 2014

**Contact author: **reesse at 126 com

**Available format(s): **PDF | BibTeX Citation

**Note: **Appendix B and C are modified.

**Version: **20141101:105221 (All versions of this report)

**Short URL: **ia.cr/2006/420

[ Cryptology ePrint archive ]