Cryptology ePrint Archive: Report 2002/011

Optimal Chosen-Ciphertext Secure Encryption of Arbitrary-Length Messages

Jean-Sebastien Coron, Helena Handschuh, Marc Joye, Pascal Paillier, David Pointcheval and Christophe Tymen

Abstract: This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressing what is actually needed for a practical usage of strong public-key cryptography in the real world. We put forward two generic constructions, gem-1 and gem-2, which apply to explicit fixed-length weakly secure primitives and provide a strongly secure (IND-CCA2) public-key encryption scheme for messages of unfixed length (typically computer files). Our techniques optimally combine a single call to any one-way trapdoor function with repeated encryptions through some weak block-cipher (a simple xor is fine) and hash functions of fixed-length input so that a minimal number of calls to these functions is needed. Our encryption/decryption throughputs are comparable to the ones of standard methods (asymmetric encryption of a session key + symmetric encryption with multiple modes). In our case, however, we formally prove that our designs are secure in the strongest sense and provide complete security reductions holding in the random oracle model.

Category / Keywords: public-key cryptography /

Publication Info: Extended Abstract published in Public Key Conference PKC 2002

Date: received 25 Jan 2002

Contact author: pascal paillier at gemplus com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Note: An extended abstract was published in Public Key Conference PKC 2002. This is the complete work (all proofs are included).

Version: 20020126:012917 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]