Abstract
Assuming a cryptographically strong cyclic group G of prime order q and a random hash function H, we show that ElGamal encryption with an added Schnorr signature is secure against the adaptive chosen ciphertext attack, in which an attacker can freely use a decryption oracle except for the target ciphertext. We also prove security against the novel one-more-decryption attack. Our security proofs are in a new model, corresponding to a combination of two previously introduced models, the Random Oracle model and the Generic model. The security extends to the distributed threshold version of the scheme. Moreover, we propose a very practical scheme for private information retrieval that is based on blind decryption of ElGamal ciphertexts.
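The construction named in the abstract, sketched as an added example (not code from the paper): an ElGamal pair carrying a Schnorr signature keyed by the encryption nonce, so that the decryption oracle refuses a modified ciphertext that plain ElGamal would decrypt. The toy group parameters, SHA-256 as the hash, the `|`-joined encoding and all function names are assumptions made for this illustration.

```python
import hashlib
import secrets

# Toy parameters constructed for illustration, far too small for real use:
# P = 2*Q + 1 is a safe prime and G = 4 generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def H(*elems):
    # SHA-256 stands in for the random hash function; the full digest is kept
    # as the challenge so the small toy Q cannot cause accidental matches.
    data = b"|".join(str(e).encode() for e in elems)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keygen():
    x = secrets.randbelow(Q - 1) + 1           # private key x
    return x, pow(G, x, P)                     # public key h = g^x

def encrypt(h, m):
    # ElGamal pair (g^r, m*h^r) plus a Schnorr signature (c, z) under the nonce r.
    r = secrets.randbelow(Q - 1) + 1
    s = secrets.randbelow(Q - 1) + 1
    g_bar, h_bar = pow(G, r, P), m * pow(h, r, P) % P
    c = H(pow(G, s, P), g_bar, h_bar)
    z = (s + c * r) % Q
    return g_bar, h_bar, c, z

def verify(ct):
    g_bar, h_bar, c, z = ct
    # Reject values outside the order-Q subgroup before using them.
    if not (0 < g_bar < P and 0 < h_bar < P and pow(g_bar, Q, P) == 1):
        return False
    commit = pow(G, z, P) * pow(g_bar, -c % Q, P) % P   # g^z * g_bar^(-c) = g^s
    return c == H(commit, g_bar, h_bar)

def decrypt_plain(x, g_bar, h_bar):
    return h_bar * pow(g_bar, Q - x, P) % P    # h_bar / g_bar^x, no validity check

def decrypt(x, ct):
    # Signed ElGamal: the oracle answers only for ciphertexts whose signature verifies.
    return decrypt_plain(x, ct[0], ct[1]) if verify(ct) else None

def maul(ct):
    g_bar, h_bar, c, z = ct
    return g_bar, h_bar * G % P, c, z          # multiplies the hidden plaintext by G
```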
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schnorr, C.P., Jakobsson, M. (2000). Security of Signed ElGamal Encryption. In: Okamoto, T. (eds) Advances in Cryptology — ASIACRYPT 2000. ASIACRYPT 2000. Lecture Notes in Computer Science, vol 1976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44448-3_7
DOI: https://doi.org/10.1007/3-540-44448-3_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41404-9
Online ISBN: 978-3-540-44448-0
eBook Packages: Springer Book Archive