Paper 2004/194

A Note on An Encryption Scheme of Kurosawa and Desmedt

Rosario Gennaro and Victor Shoup


Recently Kurosawa and Desmedt presented a new hybrid encryption scheme which is secure against adaptive chosen-ciphertext attack. Their scheme is a modification of the Cramer-Shoup encryption scheme. Its major advantage with respect to Cramer-Shoup is that it saves the computation of one exponentiation and produces shorter ciphertexts. However, the proof presented by Kurosawa and Desmedt relies on the use of information-theoretic key derivation and message authentication functions. In this note we present a different proof of security which shows that the Kurosawa-Desmedt scheme can be instantiated with any computationally secure key derivation and message authentication functions, thus extending the applicability of their paradigm, and improving its efficiency.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
public-key encryptionchosen ciphertext security
Contact author(s)
shoup @ cs nyu edu
2005-05-18: revised
2004-08-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Rosario Gennaro and Victor Shoup},
      title = {A Note on An Encryption Scheme of Kurosawa and Desmedt},
      howpublished = {Cryptology ePrint Archive, Paper 2004/194},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.