Subtleties in the Definition of IND-CCA: When and How Should Challenge Decryption Be Disallowed?

@article{Bellare2009SubtletiesIT,
  title={Subtleties in the Definition of IND-CCA: When and How Should Challenge Decryption Be Disallowed?},
  author={Mihir Bellare and Dennis Hofheinz and Eike Kiltz},
  journal={Journal of Cryptology},
  year={2009},
  volume={28},
  pages={29-48}
}
IND-CCA (indistinguishability under adaptive chosen-ciphertext attacks) is a central notion of security for public-key encryption, defined and targeted in many papers. Non-triviality of the notion requires that the adversary not query the challenge ciphertext to the decryption oracle. We point out that this “no-challenge-decryption” condition can be… CONTINUE READING