Cryptology ePrint Archive: Report 2016/243
On the Key Dependent Message Security of the Fujisaki-Okamoto Constructions
Fuyuki Kitagawa and Takahiro Matsuda and Goichiro Hanaoka and Keisuke Tanaka
Abstract: In PKC 1999, Fujisaki and Okamoto showed how to convert any public key encryption (PKE) scheme secure against chosen plaintext attacks (CPA) to a PKE scheme which is secure against chosen ciphertext attacks (CCA) in the random oracle model. Surprisingly, the resulting CCA secure scheme has almost the same efficiency as the underlying CPA secure scheme. Moreover, in J. Cryptology 2013, they proposed the more efficient conversion by using the hybrid encryption framework.
In this work, we clarify whether these two constructions are also secure in the sense of key dependent message security against chosen ciphertext attacks (KDM-CCA security),
under exactly the same assumptions on the building blocks as those used by Fujisaki and Okamoto. Specifically, we show two results: Firstly, we show that the construction proposed in PKC 1999 does not satisfy KDM-CCA security generally. Secondly, on the other hand, we show that the construction proposed in J. Cryptology 2013 satisfies KDM-CCA security.
Category / Keywords: public-key cryptography / public key encryption, key dependent message security, chosen ciphertext security.
Original Publication (with major differences): IACR-PKC-2016
Date: received 4 Mar 2016
Contact author: kitagaw1 at is titech ac jp
Available format(s): PDF | BibTeX Citation
Version: 20160305:013423 (All versions of this report)
Short URL: ia.cr/2016/243
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]