Subsequently Raghunathan et al. (Eurocrypt '13) showed how to relax this restriction by allowing the message/randomness distributions to depend on the public key as long as the distributions belong to a family of bounded size fixed before the public key is known.
We extend the definition further to what we call Strong Chosen Distribution Attacks where the message/randomness distributions may depend on the public key as long as certain entropy conditions are satisfied. Our security model comes from a natural model of attack where an adversary infiltrates the encryption system and installs a trojan program prior to knowing the public key, and subsequently is allowed limited communication with the trojan program.
We present secure constructions in the standard and random oracle models both with and without decryption oracles (corresponding to CPA or CCA security). We also prove that our definition simultaneously generalizes previous definitions in this line of work.
Category / Keywords: public-key cryptography / public-key cryptography, weak randomness, lossy trapdoor functions, deterministic encryption Date: received 23 Oct 2013 Contact author: david xiao at gmail com Available format(s): PDF | BibTeX Citation Version: 20131024:092707 (All versions of this report) Short URL: ia.cr/2013/681 Discussion forum: Show discussion | Start new discussion