Failing Gracefully: Decryption Failures and the Fujisaki-Okamoto Transform

Quantum security of the Fujisaki-Okamoto transform

In this paper, we present a hybrid encryption scheme that is chosen ciphertext secure in the quantum random oracle model. Our scheme is a combination of an asymmetric and a symmetric encryption scheme that are secure in a weak sense. It is a slight modi cation of Fujisaki and Okamoto's transformation that is secure against classical adversaries. keywords: Quantum, Random Oracle, Indistinguishab...

The Fujisaki-Okamoto Transformation

Post-Quantum Security of the Fujisaki-Okamoto and OAEP Transforms

In this paper, we present a hybrid encryption scheme that is chosen ciphertext secure in the quantum random oracle model. Our scheme is a combination of an asymmetric and a symmetric encryption scheme that are secure in a weak sense. It is a slight modification of the Fujisaki-Okamoto transform that is secure against classical adversaries. In addition, we modify the OAEP-cryptosystem and prove ...

Applying Fujisaki-Okamoto to Identity-Based Encryption

The Fujisaki-Okamoto (FO) conversion is widely known to be able to generically convert a weak public key encryption scheme, say one-way against chosen plaintext attacks (OW-CPA), to a strong one, namely, indistinguishable against adaptive chosen ciphertext attacks (IND-CCA). It is not known that if the same holds for identity-based encryption (IBE) schemes, though many IBE and variant schemes a...

Fujisaki-Okamoto IND-CCA hybrid encryption revisited

At Crypto’99, Fujisaki and Okamoto [10] presented a nice generic transformation from weak asymmetric and symmetric schemes into an IND-CCA hybrid encryption scheme in the Random Oracle Model. From this transformation, two specific candidates to standardization were designed: EPOC-2 [9] and PSEC2 [16], based on Okamoto-Uchiyama and El Gamal primitives, respectively. Since then, several cryptanal...