We show our claims by counterexamples. Concretely, we construct two public-key encryption schemes. One scheme is secure under selective openings in a simulation-based sense, but not in an indistinguishability-based sense. The other scheme is secure in an indistinguishability-based sense, but not in a simulation-based sense.
Our results settle an open question of Bellare et al. (Eurocrypt 2009). Also, taken together with known results about selective opening secure encryption, we get an almost complete picture how the two flavors of selective opening security relate to standard security notions.Category / Keywords: public-key cryptography / security definitions, selective opening security, public-key encryption Publication Info: Full version of PKC 2012 paper Date: received 15 Dec 2011, last revised 4 Apr 2012 Contact author: florian boehl at kit edu, dennis hofheinz@kit edu, daniel kraschewski@kit edu Available format(s): PDF | BibTeX Citation Version: 20120404:134622 (All versions of this report) Discussion forum: Show discussion | Start new discussion