Hybrid Damgård Is CCA1-Secure under the DDH Assumption

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5339)

Abstract

In 1991, Damgård proposed a simple public-key cryptosystem that he proved CCA1-secure under the Diffie-Hellman Knowledge assumption. Only in 2006, Gjøsteen proved its CCA1-security under a more standard but still new and strong assumption. The known CCA2-secure public-key cryptosystems are considerably more complicated. We propose a hybrid variant of Damgård’s public-key cryptosystem and show that it is CCA1-secure if the used symmetric cryptosystem is CPA-secure, the used MAC is unforgeable, the used key-derivation function is secure, and the underlying group is a DDH group. The new cryptosystem is the most efficient known CCA1-secure hybrid cryptosystem based on standard assumptions.

References

  1. Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions And An Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)

  2. Bellare, M., Palacio, A.: Towards Plaintext-Aware Public-Key Encryption Without Random Oracles. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 48–62. Springer, Heidelberg (2004)

  3. Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)

  4. Cramer, R., Shoup, V.: Design And Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack. SIAM Journal of Computing 33(1), 167–226 (2004)

  5. Damgård, I.: Towards Practical Public Key Systems Secure against Chosen Ciphertext Attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445–456. Springer, Heidelberg (1992)

  6. Desmedt, Y., Phan, D.H.: A CCA Secure Hybrid Damgård’s ElGamal Encryption. In: Bao, F., Chen, K. (eds.) ProvSec 2008. LNCS, vol. 5324. Springer, Heidelberg (2008)

  7. Elgamal, T.: A Public Key Cryptosystem And A Signature Scheme Based on Discrete Logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)

  8. Gjøsteen, K.: A New Security Proof for Damgård’s ElGamal. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 150–158. Springer, Heidelberg (2006)

  9. Gennaro, R., Shoup, V.: A Note on An Encryption Scheme of Kurosawa And Desmedt. Technical Report 2004/194, International Association for Cryptologic Research (August 10, 2004) (last revision May 18 2005), http://eprint.iacr.org/2004/194

  10. Hofheinz, D., Kiltz, E.: Secure Hybrid Encryption from Weakened Key Encapsulation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (2007)

  11. Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M.K. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)

  12. Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A New Randomness Extraction Paradigm for Hybrid Encryption. Technical Report 2008/304, International Association for Cryptologic Research (October 2008), http://eprint.iacr.org/2008/304

  13. Lipmaa, H.: On CCA1-Security of Elgamal And Damgård Cryptosystems. Technical Report 2008/234, International Association for Cryptologic Research (October 2008), http://eprint.iacr.org/2008/234

  14. Shoup, V.: Using Hash Functions as A Hedge against Chosen Ciphertext Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 275–288. Springer, Heidelberg (2000)


Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Desmedt, Y., Lipmaa, H., Phan, D.H. (2008). Hybrid Damgård Is CCA1-Secure under the DDH Assumption. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds) Cryptology and Network Security. CANS 2008. Lecture Notes in Computer Science, vol 5339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89641-8_2

  • DOI: https://doi.org/10.1007/978-3-540-89641-8_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-89640-1

  • Online ISBN: 978-3-540-89641-8

  • eBook Packages: Computer Science (R0)
