Paper 2007/319
A New Security Definition for Public Key Encryption Schemes and Its Applications
Guomin Yang, Duncan S. Wong, Qiong Huang, and Xiaotie Deng
Abstract
The strongest security definition for public key encryption (PKE) schemes is indistinguishability against adaptive chosen ciphertext attacks (IND-CCA). A practical IND-CCA secure PKE scheme in the standard model is well-known to be difficult to construct given the fact that there are only a few such kind of PKE schemes available. From another perspective, we observe that for a large class of PKE-based applications, although IND-CCA security is sufficient, it is not a necessary requirement. Examples are Key Encapsulation Mechanism (KEM), MT-authenticator, providing pseudorandomness with a-priori information, and so on. This observation leads us to propose a slightly weaker version of IND-CCA, which requires ciphertexts of two randomly selected messages are indistinguishable under chosen ciphertext attacks. Under this new security notion, we show that highly efficient schemes proven secure in the standard model can be built in a straightforward way. We also demonstrate that such a security definition is already sufficient for the applications above.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- Public Key EncryptionAdaptive Chosen Ciphertext AttacksStandard Model
- Contact author(s)
- csyanggm @ cs cityu edu hk
- History
- 2007-08-16: received
- Short URL
- https://ia.cr/2007/319
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2007/319, author = {Guomin Yang and Duncan S. Wong and Qiong Huang and Xiaotie Deng}, title = {A New Security Definition for Public Key Encryption Schemes and Its Applications}, howpublished = {Cryptology {ePrint} Archive, Paper 2007/319}, year = {2007}, url = {https://eprint.iacr.org/2007/319} }