Rethinking Chosen-Ciphertext Security under Kerckhoffs' Assumption
نویسندگان
چکیده
Any software claiming to cryptographically protect the data should use an encryption algorithm that meets public standards, and has an extensive history of independent cryptanalytic validation. However, even though they encrypt with strong encryption algorithm, most existing public-key cryptosystems, including RSA-OAEP, do not consider the “memory reconstruction attack” or the “memory core-dump attack” mounted by computer forensic software, information stealing viruses, or other accidental reasons. To deal with this situation, this paper attempts to analyze the existing provably secure cryptosystems under “Kerckhoffs’ assumption” : an attacker knows all details of the cryptosystem except the key information, which security consequently rests entirely upon.
منابع مشابه
Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption
Recently Cash, Kiltz, and Shoup [13] showed a variant of the Cramer-Shoup (CS) scheme [14] whose chosen-ciphertext (CCA) security relies on the computational Diffie-Hellman (CDH) assumption. The cost for this high security is that the size of ciphertexts is much longer than the CS scheme (which is based on the decisional Diffie-Hellman assumption). In this paper, we show how to achieve CCA-secu...
متن کاملA Robust and Plaintext-Aware Variant of Signed ElGamal Encryption
Adding a Schnorr signature to ElGamal encryption is a popular proposal aiming at thwarting chosen-ciphertext attacks by rendering the scheme plaintext-aware. However, there is no known security proof for the resulting scheme, at least not in a weaker model than the one obtained by combining the Random Oracle Model (ROM) and the Generic Group Model (Schnorr and Jakobsson, ASIACRYPT 2000). In thi...
متن کاملOn The Security of The ElGamal Encryption Scheme and Damgard's Variant
In this paper, we give security proofs for ElGamal encryption scheme and its variant by Damg̊ard (DEG). For the ElGamal encryption, we show that (1) under the delayed-target discrete log assumption and a variant of the generalized knowledge-of-exponent assumption, ElGamal encryption is one-way under non-adaptive chosen cipher attacks; (2) one-wayness of ElGamal encryption under non-adaptive chos...
متن کاملSimple and Efficient Public-Key Encryption from Computational Diffie-Hellman in the Standard Model
This paper proposes practical chosen-ciphertext secure public-key encryption systems that are provably secure under the computational Diffie-Hellman assumption, in the standard model. Our schemes are conceptually simpler and more efficient than previous constructions. We also show that in bilinear groups the size of the public-key can be shrunk from n to 2 √ n group elements, where n is the sec...
متن کاملProvably Secure Length-saving Public-key Encryption Scheme under the Computational Diie-hellman Assumption
A design of secure and eecient public-key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal-type encryption schemes are concerned, some variants of the original ElGamal encryption scheme based on the weaker computational assumption have been proposed. For instance, security of the ElGamal variant of Fujisaki-Okamo...
متن کامل