Cryptology ePrint Archive: Report 2021/196

QCCA-Secure Generic Key Encapsulation Mechanism with Tighter Security in the Quantum Random Oracle Model

Xu Liu and Mingqiang Wang

Abstract: Xagawa and Yamakawa (PQCrypto 2019) proved the transformation SXY can tightly turn DS secure PKEs into IND-qCCA secure KEMs in the quantum random oracle model (QROM). But transformations such as KC, TPunc that turn PKEs with standard security (OW-CPA or IND-CPA) into DS secure PKEs still suffer from quadratic security loss in the QROM. In this paper, we give a tighter security reduction for the transformation KC that turns OW-CPA secure deterministic PKEs into modified DS secure PKEs in the QROM. We use the Measure-Rewind-Measure One-Way to Hiding Lemma recently introduced by Kuchta et al. (EUROCRYPT 2020) to avoid the square-root advantage loss. Moreover, we extend it to the case that underlying PKEs are not perfectly correct. Combining with other transformations, we finally obtain a generic KEM from any IND-CPA secure PKE. Our security reduction has roughly the same tightness as the result of Kuchta et al. without any other assumptions and we achieve the stronger IND-qCCA security. We also give a similar result for another KEM transformation achieving the same security notion from any OW-CPA secure deterministic PKE.

Category / Keywords: public-key cryptography / Key encapsulation mechanism, Quantum chosen ciphertext security, Quantum random oracle model

Original Publication (in the same form): IACR-PKC-2021

Date: received 23 Feb 2021, last revised 3 Mar 2021

Contact author: liuxu17 at mail sdu edu cn, wangmingqiang at sdu edu cn

Available format(s): PDF | BibTeX Citation

Version: 20210303:221905 (All versions of this report)

Short URL: ia.cr/2021/196


[ Cryptology ePrint archive ]