Paper 2007/210

Efficient chosen ciphertext secure PKE scheme with short ciphertext

Xianhui Lu, Xuejia Lai, Dake He, and Guomin Li

Abstract

Kurosawa and Matsuo\cite{Kurosawa20042} showed that MAC can be removed from DHIES while the underlying symmetric-key encryption(SKE) scheme is secure against adaptive chosen ciphertext attacks(IND-CCA). We construct a variant of DHIES which eliminate the MAC while the SKE scheme is secure against passive attacks(IND-PA). Since IND-PA is the basic requirement of SKE schemes, the new scheme is more flexible than \cite{Kurosawa20042}. Our new scheme can be seen as a combination of a tag-KEM \cite{Abe2005} and a DEM. Our construction offers the first tag-KEM with single element. When the hash function $$ in the ODH assumption is a non-malleable hash function we can prove that the new scheme is IND-CCA secure under the ODH assumption.

Note: the secure reduction of the scheme is simplified, the title is renamed