Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks

@inproceedings{Damgrd1991TowardsPP,
  title={Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks},
  author={Ivan Damg{\aa}rd},
  booktitle={CRYPTO},
  year={1991}
}
  • I. Damgård
  • Published in CRYPTO 11 August 1991
  • Mathematics, Computer Science
We present two efficient constructions aimed at making public key systems secure against chosen ciphertext attacks. The first one applies to any deterministic public key system and modifies it into a system that is provably as hard to break under a passive attack as the original one, but has the potential of making a chosen ciphertext attack useless to an enemy. The second construction applies to the El Gamal/Diffie-Hellman public key system. Again, the modified system is provably as hard to…
Practical Approaches to Attaining Security Against Adaptively Chosen Ciphertext Attacks (Extended Abstract)
TLDR
This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks, based on the use of one-way hash functions, universal hash functions and the use of digital signature schemes.
How to Enhance the Security of Public-Key Encryption at Minimum Cost
This paper presents a simple and efficient conversion from a semantically secure public-key encryption scheme against passive adversaries to a non-malleable (or semantically secure) public-key…
An Efficient Public Key Cryptosystem Secure Against Chosen Ciphertext Attack
TLDR
The main advantage of the schemes is that they employ a problem equivalent to the well-studied RSA problem, and thus the resulting schemes are as secure as the RSA system.
Immunizing Public Key Cryptosystems Against Chosen Ciphertext Attacks
TLDR
Three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks are presented, and the security of the three example cryptosystems is formally proved.
Another Method for Attaining Security Against Adaptively Chosen Ciphertext Attacks
TLDR
A new method for immunizing public key cryptosystems against adaptively chosen ciphertext attacks, where the deciphering algorithm first checks that the ciphertext is legitimate and then outputs the matching plaintext only when the check is successful.
Securing Threshold Cryptosystems against Chosen Ciphertext Attack
TLDR
This paper presents two very practical threshold cryptosystems and proves that they are secure against chosen ciphertext attack in the random oracle model. Not only are these protocols computationally very efficient, but they are also non-interactive, which means they can be easily run over an asynchronous communication network.
Cryptanalysis of the Immunized LL Public Key Systems
TLDR
This paper demonstrates that the RSA based scheme is insecure under an adaptive chosen ciphertext attack, and points out weaknesses in the design of both their RSA and El Gamal based schemes regarding the use of pseudorandom generators.
A New Security Definition for Public Key Encryption Schemes and Its Applications
TLDR
A slightly weaker version of IND-CCA is proposed, which requires that ciphertexts of two randomly selected messages be indistinguishable under chosen ciphertext attacks, and it is shown that highly efficient schemes proven secure in the standard model can be built in a straightforward way.
A Study on Efficient Identification Schemes Secure against Concurrent Man-in-the-Middle Attacks
TLDR
The ID schemes obtained from the proposed generic conversion from a KEM to an ID scheme are cMiM secure and show the highest efficiency in both computational amount and message length as compared with previously known cMiM secure ID schemes.
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack
TLDR
A new public-key encryption scheme, along with several variants, is proposed and analyzed that appear to be the first public-key encryption schemes in the literature that are simultaneously practical and provably secure.

References

Public-key cryptosystems provably secure against chosen ciphertext attacks
We show how to construct a public-key cryptosystem (as originally defined by Diffie and Hellman) secure against chosen ciphertext attacks, given a public-key cryptosystem secure against passive…
An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information
TLDR
This paper introduces the first probabilistic public-key encryption scheme which combines the following two properties: perfect secrecy with respect to polynomial time eavesdroppers and effectiveness in both encoding and decoding time and bandwidth expansion.
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
TLDR
A formalization of chosen ciphertext attack is given in the model which is stronger than the "lunchtime attack" considered by Naor and Yung, and a non-interactive public-key cryptosystem based on non-interactive zero-knowledge proof of knowledge is proved to be secure against it.
A public key cryptosystem and a signature scheme based on discrete logarithms
A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem. The security of both systems relies on the…
A "Paradoxical" Solution to the Signature Problem (Abstract)
TLDR
A general signature scheme which uses any pair of trap-door permutations for which it is infeasible to find any x, y with f0(x) = f1(y) and possesses the novel property of being robust against an adaptive chosen message attack.
Diffie-Hellman is as Strong as Discrete Log for Certain Primes
TLDR
It is proven that both the discrete log problem and the Diffie-Hellman key exchange scheme are (probabilistically) polynomial-time equivalent if the totient of P-1 has only small prime factors with respect to a (fixed) polynomial in 2logP.
On the Composition of Zero-Knowledge Proof Systems
A basic question concerning zero-knowledge proof systems is whether their (sequential and/or parallel) composition is zero-knowledge too. This question is not only of natural theoretical interest,…
Zero-knowledge proofs of identity
TLDR
This paper defines the definition of unrestricted input zero-knowledge proofs of knowledge in which the prover demonstrates possession of knowledge without revealing any computational information whatsoever (not even the one bit revealed in zero-knowledge proofs of assertions).