Paper 2007/036

Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman

Eike Kiltz

Abstract

We propose a practical key encapsulation mechanism with a simple and intuitive design concept. Security against chosen-ciphertext attacks can be proved in the standard model under a new assumption, the Gap Hashed Diffie-Hellman (GHDH) assumption. The security reduction is tight and simple. Secure key encapsulation, combined with an appropriately secure symmetric encryption scheme, yields a hybrid public-key encryption scheme which is secure against chosen-ciphertext attacks. The implied encryption scheme is very efficient: compared to the previously most efficient scheme by Kurosawa and Desmedt [Crypto 2004] it has 128 bits shorter ciphertexts, between 25-50% shorter public/secret keys, and it is slightly more efficient in terms of encryption/decryption speed. Furthermore, our scheme enjoys (the option of) public verifiability of the ciphertexts and it inherits all practical advantages of secure hybrid encryption.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Preliminary version in PKC 2007. This is the full version.
Keywords
Chosen-ciphertext securityPublic-key encryptionkey encapsulation
Contact author(s)
kiltz @ cwi nl
History
2007-02-14: revised
2007-02-14: received
See all versions
Short URL
https://ia.cr/2007/036
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/036,
      author = {Eike Kiltz},
      title = {Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman},
      howpublished = {Cryptology ePrint Archive, Paper 2007/036},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/036}},
      url = {https://eprint.iacr.org/2007/036}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.