Paper 2007/319

A New Security Definition for Public Key Encryption Schemes and Its Applications

Guomin Yang, Duncan S. Wong, Qiong Huang, and Xiaotie Deng

Abstract

The strongest security definition for public key encryption (PKE) schemes is indistinguishability against adaptive chosen ciphertext attacks (IND-CCA). A practical IND-CCA secure PKE scheme in the standard model is well known to be difficult to construct, as evidenced by the fact that only a few such schemes are available. From another perspective, we observe that for a large class of PKE-based applications, although IND-CCA security is sufficient, it is not a necessary requirement. Examples are Key Encapsulation Mechanism (KEM), MT-authenticator, providing pseudorandomness with a-priori information, and so on. This observation leads us to propose a slightly weaker version of IND-CCA, which requires that the ciphertexts of two randomly selected messages be indistinguishable under chosen ciphertext attacks. Under this new security notion, we show that highly efficient schemes proven secure in the standard model can be built in a straightforward way. We also demonstrate that such a security definition is already sufficient for the applications above.

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Keywords: Public Key Encryption, Adaptive Chosen Ciphertext Attacks, Standard Model
Contact author(s): csyanggm @ cs cityu edu hk
History: 2007-08-16: received
Short URL: https://ia.cr/2007/319
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2007/319,
      author = {Guomin Yang and Duncan S. Wong and Qiong Huang and Xiaotie Deng},
      title = {A New Security Definition for Public Key Encryption Schemes and Its Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2007/319},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/319}},
      url = {https://eprint.iacr.org/2007/319}
}