A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

  • Ronald Cramer, Victor Shoup
  • Published 23 August 1998
  • Computer Science, Mathematics
  • IACR Cryptol. ePrint Arch.
A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions. There appears to be no previous cryptosystem in the literature that enjoys both of these properties simultaneously. 
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack
A new public-key encryption scheme, along with several variants, is proposed and analyzed; these appear to be the first public-key encryption schemes in the literature that are simultaneously practical and provably secure.
A Practical Elliptic Curve Public Key Encryption Scheme Provably Secure Against Adaptive Chosen-message Attack
  • Huafei Zhu
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2003
A practical elliptic curve cryptosystem is derived by making use of some nice elliptic curve where the decisional Diffie-Hellman assumption is reserved and is shown to be provably secure against adaptive chosen cipher-text attack.
An Efficient Public Key Cryptosystem Secure Against Chosen Ciphertext Attack
The main advantage of the schemes is that they employ a problem equivalent to the well-studied RSA problem, and thus the resulting schemes are as secure as the RSA system.
Improved PKC Provably Secure against Chosen Cipher text Attack
A new public key cryptosystem is presented which is based on Equivalent-RSA and is provably secure against adaptive chosen cipher text attack (as defined by Rackoff [22]).
Efficient Public-Key Cryptosystems Provably Secure Against Active Adversaries
Two new public-key cryptosystems semantically secure against adaptive chosen-ciphertext attacks are proposed, in the random oracle model, secure against active adversaries (NM-CCA2) under the assumptions that the Decision Composite Residuosity and Decision Partial Discrete Logarithms problems are intractable.
On DRSA Public Key Cryptosystem
  • Sahadeo Padhye
  • Computer Science, Mathematics
    Int. Arab J. Inf. Technol.
  • 2006
This paper underlined a shortcoming of that scheme and proposed an alternative DRSA public key cryptosystem that is not semantically secure.
A Novel Hybrid Encryption Scheme against Adaptive Chosen Ciphertext Attack
This work describes a practical hybrid encryption scheme based on the weaker LDDH assumption, which is proven in the standard model to be CCA2-secure if the LDDH assumption is true.
A CCA2 Secure Public Key Encryption Scheme Based on the McEliece Assumptions in the Standard Model
We show that a recently proposed construction by Rosen and Segev can be used for obtaining the first public key encryption scheme based on the McEliece assumptions which is secure against adaptive
Rerandomizable and Replayable Adaptive Chosen Ciphertext Attack Secure Cryptosystems
A cryptosystem that is RCCA secure has full CCA2 security except for the little detail that it may be possible to modify a ciphertext into another ciphertext containing the same plaintext.
Public Key Encryption Schemes with Bounded CCA Security and Optimal Ciphertext Length Based on the CDH Assumption
This paper shows that the same result can be easily obtained based on a weaker computational assumption, namely the computational Diffie-Hellman assumption.


Public-key cryptosystems provably secure against chosen ciphertext attacks
We show how to construct a public-key cryptosystem (as originally defined by Diffie and Hellman) secure against chosen ciphertext attacks, given a public-key cryptosystem secure against passive
A public key cryptosystem and a signature scheme based on discrete logarithms
  • Taher El Gamal
  • Computer Science, Mathematics
    IEEE Trans. Inf. Theory
  • 1984
A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem that relies on the difficulty of computing discrete logarithms over finite fields.
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
Two efficient constructions aimed at making public key systems secure against chosen ciphertext attacks are presented and a connection between such public-key systems and efficient identification schemes is pointed out.
Practical Approaches to Attaining Security Against Adaptively Chosen Ciphertext Attacks (Extended Abstract)
This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks, based on the use of one-way hash functions, universal hash functions and the use of digital signature schemes.
Cryptanalysis of the Immunized LL Public Key Systems
This paper demonstrates that the RSA based scheme is insecure under an adaptive chosen ciphertext attack, and points out weaknesses in the design of both their RSA and ElGamal based schemes regarding the use of pseudorandom generators.
Probabilistic Encryption
Publicly Verifiable Secret Sharing
  • M. Stadler
  • Computer Science, Mathematics
  • 1996
Publicly verifiable secret sharing schemes are called, new applications to escrow cryptosystems and to payment systems with revocable anonymity are discussed, and two new realizations based on ElGamal's Cryptosystem are presented.
Optimal Asymmetric Encryption
A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.
Non-malleable cryptography
Non-malleable schemes for each of the contexts of string commitment and zero-knowledge proofs of possession of knowledge, where a user need not know anything about the number or identity of other system users are presented.
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
A formalization of chosen ciphertext attack is given in a model which is stronger than the "lunchtime attack" considered by Naor and Yung, and a non-interactive public-key cryptosystem based on non-interactive zero-knowledge proof of knowledge is proved to be secure against it.