International Workshop on Public Key Cryptography

PKC 2011: Public Key Cryptography – PKC 2011 pp 246-264

Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks

  • Takahiro Matsuda
  • Kanta Matsuura
Conference paper

DOI: 10.1007/978-3-642-19379-8_15

Volume 6571 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Matsuda T., Matsuura K. (2011) Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks. In: Catalano D., Fazio N., Gennaro R., Nicolosi A. (eds) Public Key Cryptography – PKC 2011. PKC 2011. Lecture Notes in Computer Science, vol 6571. Springer, Berlin, Heidelberg


Whether it is possible to construct a chosen ciphertext secure (CCA secure) public key encryption (PKE) scheme only from a chosen plaintext secure (CPA secure) one is a fundamental open problem, and the best known positive results regarding this problem are the constructions of so-called bounded CCA secure schemes. Since we can achieve the best possible security in the bounded CCA security notions, in order to further tackle the problem, we would need other new security notions that capture intermediate security notions that lie between CPA and CCA security. Motivated by this situation, we focus on ‘‘parallel” decryption queries (originally introduced by Bellare and Sahai) for the extension of bounded CCA security, and introduce a new security notion which we call mixed CCA security. It captures security against adversaries that make single and parallel decryption queries in a predetermined order, where each parallel query can contain unboundedly many ciphertexts. Moreover, how the decryption oracle is available before and after the challenge is also taken into account in this new security definition, which enables us to capture existing major security notions that lie between CPA and CCA security in a unified security notion. We investigate the relations among mixed CCA security notions, and show a necessary and sufficient condition of implications/separations between any two notions in mixed CCA security. We also show two black-box constructions of PKE schemes with improved security only using CPA secure schemes as building blocks.


public key encryptionbounded CCA securityparallel decryption queryrelations among security notionsblack-box construction
Download to read the full conference paper text

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Takahiro Matsuda
    • 1
  • Kanta Matsuura
    • 1
  1. 1.The University of TokyoJapan