The aim of this work is to avoid these attacks from the generic transformation, identifying the properties that an asymmetric scheme must hold to obtain a secure hybrid scheme. To achieve this, some ambiguities in the proof of the generic transformation~\cite{FO99} are described, which can lead to false claims. As a result the original conversion is modified and the range of asymmetric primitives that can be used is shortened.
In second place, the concept of {\it Easy Verifiable Primitive} is formalized, showing its connection with the Gap problems. Making use of these ideas, a {\it new} security proof for the modified transformation is given. The good news is that the reduction is {\it tight}, improving the concrete security claimed in the original work for the Easy Verifiable Primitives. For the rest of primitives the concrete security is improved at the cost of stronger assumptions.
Finally, the resistance of the new conversion against reject timing attacks is addressed.
Category / Keywords: public-key cryptography / chosen-ciphertext security, tight reduction, Date: received 28 May 2003 Contact author: dgalindo at mat upc es Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20030529:213542 (All versions of this report) Short URL: ia.cr/2003/107 Discussion forum: Show discussion | Start new discussion