Paper 2003/024
On Modeling IND-CCA Security in Cryptographic Protocols
Dennis Hofheinz and Joern Mueller-Quade and Rainer Steinwandt
Abstract
Two common notions of security for public key encryption schemes are shown to be equivalent: we prove that indistinguishability against chosen-ciphertext attacks (IND-CCA) is in fact polynomially equivalent to (yet "slightly" weaker than) securely realizing the ideal functionality F_PKE in the general modeling of cryptographic protocols of [http://eprint.iacr.org/2000/067]. This disproves in particular the claim that security in the sense of IND-CCA strictly implies security in the sense of realizing F_PKE (see [http://eprint.iacr.org/2000/067]). Moreover, we give concrete reductions among such security notions and show that these relations hold for both uniform and non-uniform adversarial entities.
Metadata
- Available format(s)
- PDF PS
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- formal cryptographycryptographic protocolsprobabilistic encryption
- Contact author(s)
- hofheinz @ ira uka de
- History
- 2003-02-05: received
- Short URL
- https://ia.cr/2003/024
- License
-
CC BY