## Cryptology ePrint Archive: Report 2004/218

Plaintext-Simulatability

Eiichiro Fujisaki

Abstract: We propose a new security class, called plaintext-simulatability, defined over the public-key encryption schemes. The notion of plaintext simulatability (denoted PS) is similar to the notion of plaintext awareness (denoted PA), but it is, properly'', a weaker security class for public-key encryption. In most cases, PA is unnecessarily'' strong, --- only used to prove that a public-key encryption scheme is CCA2-secure, because it looks much easier than to prove directly'' that the scheme meets IND-CCA2. We show that PS also implies IND-CCA2, while preserving a good view of the security proofs as well as PA. PS looks properly'' stronger than IND-CCA2. So far, however, it is not sure how to prove this, which remains open.

Category / Keywords: public-key cryptography / plaintext-awareness

Date: received 1 Sep 2004, last revised 8 Sep 2004

Contact author: found in the e-mail address in the paper

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2004/218

[ Cryptology ePrint archive ]