Why Chosen Ciphertext Security Matters
نویسنده
چکیده
This article motivates the importance of public-key cryptosystems that are secure against chosen ciphertext attack, and of rigorous security proofs. It also discusses the new cryptosystem developed by Cramer and Shoup, and its relevance in this regard.
منابع مشابه
On the Security of Padding-Based Encryption Schemes - or - Why We Cannot Prove OAEP Secure in the Standard Model
We investigate the security of “padding-based” encryption schemes in the standard model . This class contains all public-key encryption schemes where the encryption algorithm first applies some invertible public transformation to the message (the “padding”), followed by a trapdoor permutation. In particular, this class contains OAEP and its variants. Our main result is a black-box impossibility...
متن کاملEfficient File Sharing in Electronic Health Records
The issue of handling electronic health records have become paramount interest to the practitioners and security community, due to their sensitivity. In this paper, we propose a framework that enables medical practitioners to securely communicate among themselves to discuss health matters, and the patients can be rest assured that the information will only be made available to eligible medical ...
متن کاملWhy Chosen
LIMITED DISTRIBUTION NOTICE This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and spe...
متن کاملHow to Enhance the Security of Public-Key Encryption at Minimum Cost
This paper presents a simple and generic conversion from a publickey encryption scheme which is indistinguishable against chosen-plaintext attacks into a public-key encryption scheme which is indistinguishable against adaptive chosen-ciphertext attacks in the random oracle model. The scheme obtained by the conversion is as e cient as the original encryption scheme and the security reduction is ...
متن کاملEquivalence between Semantic Security and Indistinguishability against Chosen Ciphertext Attacks
The aim of this work is to examine the relation between the notions of semantic security and indistinguishability against chosen ciphertext attacks. For this purpose, a new security notion called nondividability is introduced independent of attack models, and is shown to be equivalent to each of the previous two notions. This implies the equivalence between semantic security and indistinguishab...
متن کامل