Relations among notions of security for public-key encryption schemes
 Mihir Bellare,
 Anand Desai,
 David Pointcheval,
 Phillip Rogaway
Abstract
We compare the relative strengths of popular notions of security for public-key encryption schemes. We consider the goals of privacy and non-malleability, each under chosen plaintext attack and two kinds of chosen ciphertext attack. For each of the resulting pairs of definitions we prove either an implication (every scheme meeting one notion must meet the other) or a separation (there is a scheme meeting one notion but not the other, assuming the first notion can be met at all). We similarly treat plaintext awareness, a notion of security in the random oracle model. An additional contribution of this paper is a new definition of non-malleability which we believe is simpler than the previous one.
 Book Title: Advances in Cryptology — CRYPTO '98
 Book Subtitle: 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23–27, 1998, Proceedings
 Pages: pp. 26–45
 Copyright: 1998
 DOI: 10.1007/BFb0055718
 Print ISBN: 978-3-540-64892-5
 Online ISBN: 978-3-540-68462-6
 Series Title: Lecture Notes in Computer Science
 Series Volume: 1462
 Series ISSN: 0302-9743
 Publisher: Springer Berlin Heidelberg
 Copyright Holder: Springer-Verlag
 Authors

 Mihir Bellare (1)
 Anand Desai (1)
 David Pointcheval (2) (3)
 Phillip Rogaway (4)

 Author Affiliations

 1. Dept. of Computer Science & Engineering, University of California at San Diego, 9500 Gilman Drive, La Jolla, CA 92093, USA
 2. Laboratoire d'Informatique de l'École Normale Supérieure, 75005 Paris, France
 3. GREYC, Dépt d'Informatique, Université de Caen, 14032 Caen Cedex, France
 4. Dept. of Computer Science, Engineering II Bldg., University of California at Davis, Davis, CA 95616, USA