## Cryptology ePrint Archive: Report 2006/029

Authenticated Hybrid Encryption for Multiple Recipients

Stéphanie Alt

Abstract: Authenticated encryption schemes used in order to send one message to one recipient have received considerable attention in the last years. We investigate the case of schemes, we call authenticated $\mathtt{1{\to}n}$ schemes, that allow one to encrypt efficiently in a public-key setting a message for several, say $n$, recipients in an authenticated manner. We propose formal security definitions for such schemes that work also for $n=1$ and which are stronger and/or more general than those currently proposed. We then present a flexible mode of operation that transforms any $\mathtt{1{\to}1}$ authenticated encryption scheme working on small messages into a $\mathtt{1{\to}n}$ authenticated encryption scheme working on longer messages. We show that it allows the construction of efficient $\mathtt{1{\to}n}$ schemes that are proved secure for the strongest security notion.

Category / Keywords: public-key cryptography / Public key encryption, Authentication,