Paper 2015/010

Simulation-based Selective Opening CCA Security for PKE from Key Encapsulation Mechanisms

Shengli Liu and Kenneth G. Paterson


We study simulation-based, selective opening security against chosen-ciphertext attacks (SIM-SO-CCA security) for public key encryption (PKE). In a selective opening, chosen-ciphertext attack (SO-CCA), an adversary has access to a decryption oracle, sees a vector of ciphertexts, adaptively chooses to open some of them, and obtains the corresponding plaintexts and random coins used in the creation of the ciphertexts. The SIM-SO-CCA notion captures the security of unopened ciphertexts with respect to probabilistic polynomial-time (ppt) SO-CCA adversaries in a semantic way: what a ppt SO-CCA adversary can compute can also be simulated by a ppt simulator with access only to the opened messages. Building on techniques used to achieve weak deniable encryption and non-committing encryption, Fehr et al. (Eurocrypt 2010) presented an approach to constructing SIM-SO-CCA secure PKE from extended hash proof systems (EHPSs), collision-resistant hash functions and an information-theoretic primitive called Cross Authentication Codes (XACs). We generalize their approach by introducing a special type of Key Encapsulation Mechanism (KEM) and using it to build SIM-SO-CCA secure PKE. We investigate what properties are needed from the KEM to achieve SIM-SO-CCA security. We also give three instantiations of our construction. The first uses hash proof systems, the second relies on the n-Linear assumption, and the third uses indistinguishability obfuscation (iO) in combination with extracting, puncturable Pseudo-Random Functions in a similar way to Sahai and Waters (STOC 2014). Our results establish the existence of SIM-SO-CCA secure PKE assuming only the existence of one-way functions and iO. This result further highlights the simplicity and power of iO in constructing different cryptographic primitives.

Note: An extended abstract of this paper will be published in the proceedings of the 18th International Conference on Practice and Theory in Public-Key Cryptography (PKC 2015). This is the full version.

Available format(s)
Publication info
A major revision of an IACR publication in PKC 2015
public-key cryptographyselective opening
Contact author(s)
slliu @ sjtu edu cn
2015-01-10: revised
2015-01-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Shengli Liu and Kenneth G.  Paterson},
      title = {Simulation-based Selective Opening CCA Security for PKE from Key Encapsulation Mechanisms},
      howpublished = {Cryptology ePrint Archive, Paper 2015/010},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.