Cryptology ePrint Archive: Report 2018/135

A note on the equivalence of IND-CCA & INT-PTXT and IND-CCA & INT-CTXT

Daniel Jost and Christian Badertscher and Fabio Banfi

Abstract: The security for authenticated encryption schemes is often captured by demanding CCA security (IND-CCA) and integrity of plaintexts (INT-PTXT). In this short note, we prove that this implies in particular integrity of ciphertexts, i.e., INT-CTXT. Hence, the two sets of requirements mentioned in the title are equivalent.

Category / Keywords: