Paper 2020/1316

Security of Public Key Encryption against Resetting Attacks

Juliane Krämer and Patrick Struck


Ciphertext indistinguishability under chosen plaintext attacks is a standard security notion for public key encryption. It crucially relies on the usage of good randomness and is trivially unachievable if the randomness is known by the adversary. Yilek (CT-RSA'10) defined security against resetting attacks, where randomness might be reused but remains unknown to the adversary. Furthermore, Yilek claimed that security against adversaries making a single query to the challenge oracle implies security against adversaries making multiple queries to the challenge oracle. This is a typical simplification for indistinguishability security notions proven via a standard hybrid argument. The given proof, however, was pointed out to be flawed by Paterson, Schuldt, and Sibborn (PKC'14). Prior to this work, it has been unclear whether this simplification of the security notion also holds in case of resetting attacks. We remedy this state of affairs as follows. First, we show the strength of resetting attacks by showing that many public key encryption schemes are susceptible to these attacks. As our main contribution, we show that the simplification to adversaries making only one query to the challenge oracle also holds in the light of resetting attacks. More precisely, we show that the existing proof can not be fixed and give a different proof for the claim. Finally, we define real-or-random security against resetting attacks and prove it equivalent to the notion by Yilek which is of the form left-or-right.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Minor revision. 21st International Conference on Cryptology in India (INDOCRYPT 2020)
Public Key EncryptionResetting AttacksProvable Security
Contact author(s)
patrick @ qpc tu-darmstadt de
2020-10-26: revised
2020-10-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Juliane Krämer and Patrick Struck},
      title = {Security of Public Key Encryption against Resetting Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1316},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.