Secure key encapsulation, combined with an appropriately secure symmetric encryption scheme, yields a hybrid public-key encryption scheme which is secure against chosen-ciphertext attacks. The implied encryption scheme is very efficient: compared to the previously most efficient scheme by Kurosawa and Desmedt [Crypto 2004] it has 128 bits shorter ciphertexts, between 25-50% shorter public/secret keys, and it is slightly more efficient in terms of encryption/decryption speed. Furthermore, our scheme enjoys (the option of) public verifiability of the ciphertexts and it inherits all practical advantages of secure hybrid encryption.
Category / Keywords: public-key cryptography / Chosen-ciphertext security, Public-key encryption, key encapsulation Publication Info: Preliminary version in PKC 2007. This is the full version. Date: received 5 Feb 2007, last revised 14 Feb 2007 Contact author: kiltz at cwi nl Available format(s): PDF | BibTeX Citation Version: 20070214:222100 (All versions of this report) Short URL: ia.cr/2007/036 Discussion forum: Show discussion | Start new discussion