# A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

@article{Cramer1998APP, title={A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack}, author={Ronald Cramer and Victor Shoup}, journal={IACR Cryptol. ePrint Arch.}, year={1998}, volume={1998}, pages={6} }

A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions. There appears to be no previous cryptosystem in the literature that enjoys both of these properties simultaneously.

## 1,507 Citations

### Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack

- Computer Science, MathematicsSIAM J. Comput.
- 2003

A new public-key encryption scheme, along with several variants, is proposed and analyzed that appear to be the first public- key encryption schemes in the literature that are simultaneously practical and provably secure.

### A Practical Elliptic Curve Public Key Encryption Scheme Provably Secure Against Adaptive Chosen-message Attack

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2003

A practical elliptic curve cryptosystem is derived by making use of some nice elliptic Curve where the decisional DiffieHellman assumption is reserved and is shown to be provably secure against adaptive chosen cipher-text attack.

### An Efficient Public Key Cryptosystem Secure Against Chosen Ciphertext Attack

- Computer Science, MathematicsICISS
- 2006

The main advantage of the schemes is that they employ a problem equivalent to the well-studied RSA problem, and thus the resulting schemes are as secure as the RSA system.

### Improved PKC Provably Secure against Chosen Cipher text Attack

- Computer Science, Mathematics
- 2013

A new public key cryptosystem is presented which is based on Equivalent -RSA that is provably secure against adaptive chosen cipher text attack (as defined by Rackoff[22]).

### Efficient Public-Key Cryptosystems Provably Secure Against Active Adversaries

- Computer Science, MathematicsASIACRYPT
- 1999

Two new public-key cryptosystems semantically secure against adaptive chosen-ciphertext attacks are proposed, in the random oracle model, secure against active adversaries (NM-CCA2) under the assumptions that the Decision Composite Residuosity and Decision Partial Discrete Logarithms problems are intractable.

### On DRSA Public Key Cryptosystem

- Computer Science, MathematicsInt. Arab J. Inf. Technol.
- 2006

This paper underlined a shortcoming of that scheme and proposed an alternative DRSA public key cryptosystem that is not semantically secure.

### A Novel Hybrid Encryption Scheme against Adaptive Chosen Ciphertext Attack

- Computer Science, Mathematics2007 International Conference on Computational Intelligence and Security Workshops (CISW 2007)
- 2007

This work describes a practical hybrid encryption scheme based on the weaker LDDH assumption, and in the standard model prove to be CCA2-secure if the L DDH assumption is true.

### A CCA2 Secure Public Key Encryption Scheme Based on the McEliece Assumptions in the Standard Model

- Computer Science, MathematicsCT-RSA
- 2009

We show that a recently proposed construction by Rosen and Segev can be used for obtaining the first public key encryption scheme based on the McEliece assumptions which is secure against adaptive…

### Rerandomizable and Replayable Adaptive Chosen Ciphertext Attack Secure Cryptosystems

- Computer Science, MathematicsTCC
- 2004

A cryptosystem that is RCCA secure has full CCA2 security except for the little detail that it may be possible to modify a ciphertext into another ciphertext containing the same plaintext.

### Public Key Encryption Schemes with Bounded CCA Security and Optimal Ciphertext Length Based on the CDH Assumption

- Computer Science, MathematicsISC
- 2010

This paper shows that the same result can be easily obtained based on weaker computational assumption, namely: the computational Diffie-Helman assumption.

## References

SHOWING 1-10 OF 27 REFERENCES

### Public-key cryptosystems provably secure against chosen ciphertext attacks

- Computer Science, MathematicsSTOC '90
- 1990

We show how to construct a public-key cryptosystem (as originally defined by DiNe and Hellman) secure against chosen ciphertezt attacks, given a public-key cryptosystern secure against passive…

### A public key cryptosystem and a signature scheme based on discrete logarithms

- Computer Science, MathematicsIEEE Trans. Inf. Theory
- 1984

A new signature scheme is proposed, together with an imple- mentation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem that relies on the difficulty of computing discrete logarithms over finite fields.

### Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks

- Computer Science, MathematicsCRYPTO
- 1991

Two efficient constructions aimed at making public key systems secure against chosen ciphertext attacks are presented and a connection between such public-key systems and efficient identification schemes is pointed out.

### Practical Approaches to Attaining Security Against Adaptively Chosen Ciphertext Attacks (Extended Abstract)

- Computer Science, MathematicsCRYPTO
- 1992

This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks, based on the use of one-way hash functions, universal hash functions and the Use of digital signature schemes.

### Cryptanalysis of the Immunized LL Public Key Systems

- Computer Science, MathematicsCRYPTO
- 1995

This paper demonstrates that the RSA based scheme is insecure under an adaptive chosen ciphertext attack, and point weaknesses in the design of both their RSA and EI Gamal based schemes regarding the use of pseudorandom-generators.

### Probabilistic Encryption

- Computer Science, MathematicsJ. Comput. Syst. Sci.
- 1984

### Publicly Verifiable Secret Sharing

- Computer Science, MathematicsEUROCRYPT
- 1996

Publicly verifiable secret sharing schemes are called, new applications to escrow cryptosystems and to payment systems with revocable anonymity are discussed, and two new realizations based on ElGamal's Cryptosystem are presented.

### Optimal Asymmetric Encryption

- Computer Science, MathematicsEUROCRYPT
- 1994

A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.

### Publicly Veriiable Secret Sharing

- Computer Science, Mathematics
- 1996

Publicly veriiable secret sharing schemes are called, new applications to escrow cryptosystems and to payment systems with revocable anonymity are discussed, and two new realizations based on ElGamal's cryptos system are presented.

### Non-malleable cryptography

- Computer Science, MathematicsSTOC '91
- 1991

Non-malleable schemes for each of the contexts of string commitment and zero-knowledge proofs of possession of knowledge, where a user need not know anything about the number or identity of other system users are presented.