Cryptology ePrint Archive: Report 2009/377
Chosen-Ciphertext Secure RSA-type Cryptosystems
Benoit Chevallier-Mames and Marc Joye
Abstract: This paper explains how to design fully secure RSA-type cryptosystems from schemes only secure against passive attacks, in the standard model. We rely on instance-independence assumptions, which,
roughly speaking, conjecture that for certain problems, an interactive
access to a solver for another problem does not help the challenger. Previously, instance-independence assumptions were used in a "negative" way, to prove that certain schemes proven in the random oracle model were not provable in the standard model.
Our paradigm applies virtually to all (weakly secure) RSA-type encryption schemes for which public-key RSA exponent can be arbitrarily chosen. As an illustration, we present a chosen-ciphertext secure variant of the Naccache-Stern encryption scheme.
Category / Keywords:
Publication Info: Full version of the paper to appear at ProvSec 2009
Date: received 31 Jul 2009, last revised 19 Aug 2009
Contact author: marc joye at thomson net
Available format(s): PDF | BibTeX Citation
Version: 20090819:073029 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]