Efficient Encryption for Rich Message Spaces Under General Assumptions

We present a new family of public-key encryption schemes which combine modest computational demands with provable security guarantees under only general assumptions. The schemes may be realized with any one-way trapdoor permutation, and provide a notion of security corresponding to semantic security under the condition that the message space has sufficient entropy. Furthermore, these schemes can be implemented with very few applications of the underlying one-way permutation: schemes which provide security for message spaces in f0;1gn with minimum entropy n ` can be realized with `+w(k) logk applications of the underlying one-way trapdoor permutation. Here k is the security parameter and w(k) is any function which tends to infinity. In comparison, extant systems offering full semantic security require roughly n applications of the underlying one-way trapdoor permutation. Finally, we give a simplified proof of a fundamental “elision lemma” of Goldwasser and Micali.