**Relations among Notions of Security for Public-Key Encryption Schemes**

*Mihir Bellare,Anand Desai, David Pointcheval and Phillip Rogaway*

**Abstract: **We compare the relative strengths of popular notions of security for
public key encryption schemes. We consider the goals of
indistinguishability and non-malleability, each under chosen plaintext
attack and two kinds of chosen ciphertext attack. For each of the
resulting pairs of definitions we prove either an implication (every
scheme meeting one notion must meet the other) or a separation (there
is a scheme meeting one notion but not the other, assuming the first
notion can be met at all). We similarly treat plaintext awareness, a
notion of security in the random oracle model. An additional
contribution of this paper is a new definition of non-malleability
which we believe is simpler than the previous one.

**Category / Keywords: **Encryption, semantic security, non-malleability, chosen ciphertext attack, plaintext awareness.

**Publication Info: **Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive.

**Date: **received June 17th, 1998.

**Contact author: **mihir at cs edu

**Available format(s): **Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

**Short URL: **ia.cr/1998/021

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]