We show our claims by counterexamples. Concretely, we construct two public-key encryption schemes. One scheme is secure under selective openings in a simulation-based sense, but not in an indistinguishability-based sense. The other scheme is secure in an indistinguishability-based sense, but not in a simulation-based sense.
Our results settle an open question of Bellare et al. (Eurocrypt 2009). Also, taken together with known results about selective opening secure encryption, we get an almost complete picture how the two flavors of selective opening security relate to standard security notions.Category / Keywords: public-key cryptography / security definitions, selective opening security, public-key encryption Original Publication (with minor differences): IACR-PKC-2012 Date: received 15 Dec 2011, last revised 29 Oct 2013 Contact author: florian boehl at kit edu, dennis hofheinz@kit edu, daniel kraschewski@kit edu Available format(s): PDF | BibTeX Citation Version: 20131029:114846 (All versions of this report) Discussion forum: Show discussion | Start new discussion