On the Security of Multiple Encryption or CCA-security+CCA-security=CCA-security?

نویسندگان

  • Rui Zhang
  • Goichiro Hanaoka
  • Junji Shikata
  • Hideki Imai
چکیده

In a practical system, a message is often encrypted more than once by different encryptions, here called multiple encryption, to enhance its security. Additionally, new features may be achieved by multiple encrypting a message, such as the key-insulated cryptosystems and anonymous channels. Intuitively, a multiple encryption should remain “secure”, whenever there is one component cipher unbreakable in it. In NESSIE’s latest Portfolio of recommended cryptographic primitives (Feb. 2003), it is suggested to use multiple encryption with component ciphers based on different assumptions to acquire long term security. However, in this paper we show this needs careful discussion, especially, this may not be true according to adaptive chosen ciphertext attack (CCA), even with all component ciphers CCA-secure. We define an extended model of (standard) CCA called chosen ciphertext attack for multiple encryption (MECCA) emulating partial breaking of assumptions, and give constructions of multiple encryption satisfying ME-CCA-security. We further relax CCA by introducing weak ME-CCA (ME-wCCA) and study the relations among these definitions, proving ME-wCCA-security can be acquired by combining IND-CCA-secure component ciphers together. We then apply these results to key-insulated cryptosystem.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Relaxing Chosen-Ciphertext Security

Security against adaptive chosen ciphertext attacks (or, CCA security) has been accepted as the standard requirement from encryption schemes that need to withstand active attacks. In particular, it is regarded as the appropriate security notion for encryption schemes used as components within general protocols and applications. Indeed, CCA security was shown to suffice in a large variety of con...

متن کامل

CCA Secure Publicly Verifiable Public Key Encryption Without Pairings Nor Random Oracle and Its Applications

hosen ciphertext security (CCA security)hosen ciphertext security (CCA security)C is now a widely accepted necessary security notion for public key encryption. CCA secure public verifiable public key encryption has many applications such as threshold public key encryption and proxy re-encryption etc. Furthermore, these years “random oracle model” has seen risen criticize by many cryptographers....

متن کامل

Sender-Equivocable Encryption Schemes Secure against Chosen-Ciphertext Attacks Revisited

In Eurocrypt 2010, Fehr et al. proposed the first sender equivocable encryption scheme secure against chosen-ciphertext attack (NC-CCA) and proved that NC-CCA security implies security against selective opening chosen-ciphertext attack (SO-CCA). The NC-CCA security proof of the scheme relies on security against substitution attack of a new primitive, “cross-authentication code”. However, the se...

متن کامل

Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks

Whether it is possible to construct a chosen ciphertext secure (CCA secure) public key encryption (PKE) scheme only from a chosen plaintext secure (CPA secure) one is a fundamental open problem, and the best known positive results regarding this problem are the constructions of so-called bounded CCA secure schemes. Since we can achieve the best possible security in the bounded CCA security noti...

متن کامل

Improving the Security of an Efficient Unidirectional Proxy Re-Encryption Scheme

A proxy re-encryption (PRE) scheme allows a designated proxy, that has beforehand received a so-called re-encryption key, to translate a ciphertext intended to one user to a ciphertext intended to another one. Traditionally, the re-encryption key is generated at the initiative of the initial receiver and ideally, no secret keys should be known to the proxy. Such scheme is said unidirectional if...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2003