Abstract
This paper presents a generic conversion from weak asymmetric and symmetric encryption schemes to an asymmetric encryption scheme that is chosen-ciphertext secure in the random oracle model. Our conversion is the first generic transformation from an arbitrary one-way asymmetric encryption scheme to a chosen-ciphertext secure asymmetric encryption scheme in the random oracle model.
References
M. Abdalla, M. Bellare, P. Rogaway, DHIES: An encryption scheme based on the Diffie–Hellman problem, in IEEE P1363a, September 2001. Also in ANSI X9.63EC and SECG
M. Abdalla, M. Bellare, P. Rogaway, DHAES: An encryption scheme based on the Diffie–Hellman problem. Submission to IEEE P1363, November 1998. http://grouper.ieee.org/groups/1363/StudyGroup/
M. Abe, R. Gennaro, K. Kurosawa, Tag-KEM/DEM: A new framework for hybrid encryption. J. Cryptol. 21(1), 97–130 (2008)
M. Bellare, A. Palacio, Towards plaintext-aware public-key encryption without random oracles, in Advances in Cryptology—Asiacrypt 2004, ed. by P.J. Lee. Lecture Notes in Computer Science, vol. 3329 (Springer, Berlin, 2004), pp. 48–62
M. Bellare, P. Rogaway, Random oracles are practical: a paradigm for designing efficient protocols, in First ACM Conference on Computer and Communication Security (ACM, New York, 1993), pp. 62–73
M. Bellare, P. Rogaway, Optimal asymmetric encryption, in Advances in Cryptology—EUROCRYPT’94, ed. by A.D. Santis. Lecture Notes in Computer Science, vol. 950 (Springer, Berlin, 1995), pp. 92–111
M. Bellare, A. Desai, D. Pointcheval, P. Rogaway, Relations among notions of security for public-key encryption schemes, in Advances in Cryptology—CRYPTO’98, ed. by H. Krawczyk. Lecture Notes in Computer Science, vol. 1462 (Springer, Berlin, 1998), pp. 26–45
D. Boneh, R. Canetti, S. Halevi, J. Katz, Chosen-ciphertext security from identity-based encryption. SIAM J. Comput. 36(5), 1301–1328 (2007)
R. Canetti, S. Halevi, J. Katz, Chosen-ciphertext security from identity based encryption, in Advances in Cryptology—EUROCRYPT 2004, ed. by C. Cachin, J. Camenisch. Lecture Notes in Computer Science, vol. 3027 (Springer, Berlin, 2004), pp. 207–222
D. Cash, E. Kiltz, V. Shoup, The twin Diffie–Hellman problem and applications, in EUROCRYPT, ed. by N.P. Smart. Lecture Notes in Computer Science, vol. 4965 (Springer, Berlin, 2008), pp. 127–145
R. Cramer, V. Shoup, A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack, in Advances in Cryptology—CRYPTO’98, ed. by H. Krawczyk. Lecture Notes in Computer Science, vol. 1462 (Springer, Berlin, 1998), pp. 13–25
R. Cramer, V. Shoup, Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in Advances in Cryptology—EUROCRYPT’02. Lecture Notes in Computer Science (Springer, Berlin, 2002), pp. 45–64
R. Cramer, V. Shoup, Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2004). Early version in CRYPTO’98
R. Cramer, D. Hofheinz, E. Kiltz, A twist on the Naor–Yung paradigm and its application to efficient CCA-secure encryption from hard search problems, in Theory of Cryptography—TCC 2010. Lecture Notes in Computer Science, vol. 5978 (Springer, Berlin, 2010), pp. 146–164
I. Damgård, Towards practical public key systems secure against chosen ciphertext attacks, in Advances in Cryptology—CRYPTO’91, ed. by J. Feigenbaum. Lecture Notes in Computer Science, vol. 576 (Springer, Berlin, 1992), pp. 445–456
D. Dolev, C. Dwork, M. Naor, Non-malleable cryptography. SIAM J. Comput. 30(2), 391–437 (2000) (Presented in STOC’91)
Y. Frankel, M. Yung, Cryptoanalysis of the immunized LL public key systems, in Advances in Cryptology—CRYPTO’95, ed. by D. Coppersmith. Lecture Notes in Computer Science, vol. 963 (Springer, Berlin, 1995), pp. 287–296
E. Fujisaki, T. Okamoto, Secure integration of asymmetric and symmetric encryption schemes, in Advances in Cryptology—CRYPTO’99, ed. by M. Wiener. Lecture Notes in Computer Science, vol. 1666 (Springer, Berlin, 1999), pp. 537–554
E. Fujisaki, T. Okamoto, How to enhance the security of public-key encryption at minimum cost. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E83-A(1), 24–32 (2000). Early Version in PKC’99
E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern, RSA-OAEP is secure under the RSA assumption, in Advances in Cryptology—CRYPTO 2001, ed. by J. Kilian. Lecture Notes in Computer Science, vol. 2139 (Springer, Berlin, 2001), pp. 260–274
D. Galindo, S. Martin, P. Morillo, J. Villar, Fujisaki-Okamoto IND-CCA hybrid encryption revisited. Technical report, IACR, May 2003. http://eprint.iacr.org/2003/107
O. Goldreich, A uniform-complexity treatment of encryption and zero-knowledge. J. Cryptol. 6(1), 21–53 (1993)
O. Goldreich, L. Levin, A hard-core predicate for all one-way functions, in Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC’89) (1989), pp. 25–32
S. Goldwasser, S. Micali, Probabilistic encryption. J. Comput. Syst. Sci. 28, 270–299 (1984)
D. Hofheinz, E. Kiltz, Secure hybrid encryption from weakened key encapsulation, in CRYPTO, ed. by A. Menezes. Lecture Notes in Computer Science, vol. 4622 (Springer, Berlin, 2007), pp. 553–571
D. Hofheinz, E. Kiltz, Practical chosen ciphertext secure encryption from factoring, in EUROCRYPT, ed. by A. Joux. Lecture Notes in Computer Science, vol. 5479 (Springer, Berlin, 2009), pp. 313–332
M. Joye, J. Quisquater, M. Yung, On the power of misbehaving adversaries and security analysis of the original EPOC, in CT-RSA 2001. Lecture Notes in Computer Science, vol. 2020 (Springer, Berlin, 2001), pp. 208–222
J. Kilian, P. Rogaway, How to protect DES against exhaustive key search (an analysis of DESX). J. Cryptol. 14(1), 17–35 (2001). Early version in CRYPTO’96
E. Kiltz, K. Pietrzak, M. Stam, M. Yung, A new randomness extraction paradigm for hybrid encryption, in Advances in Cryptology—EUROCRYPT 2009, ed. by A. Joux. Lecture Notes in Computer Science, vol. 5479 (Springer, Berlin, 2009), pp. 590–609
K. Kurosawa, Y. Desmedt, A new paradigm of hybrid encryption scheme, in Advances in Cryptology—CRYPTO 2004, ed. by M. Franklin. Lecture Notes in Computer Science, vol. 3152 (Springer, Berlin, 2004), pp. 426–442
C. Lim, P. Lee, Another method for attaining security against adaptively chosen ciphertext attacks, in Advances in Cryptology—CRYPTO’93, ed. by D. Stinson. Lecture Notes in Computer Science, vol. 773 (Springer, Berlin, 1993)
Y. Lindell, A simpler construction of CCA2-secure public-key encryption under general assumptions, in Advances in Cryptology—EUROCRYPT’03, ed. by E. Biham. Lecture Notes in Computer Science, vol. 2656 (Springer, Berlin, 2003), pp. 241–254
M. Naor, M. Yung, Public-key cryptosystems provably secure against chosen ciphertext attacks, in Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC’90) (1990), pp. 427–437
T. Okamoto, D. Pointcheval, REACT: Rapid enhanced-security asymmetric cryptosystem transform, in CT-RSA 2001. Lecture Notes in Computer Science, vol. 2020 (Springer, Berlin, 2001), pp. 159–175
T. Okamoto, S. Uchiyama, A new public-key cryptosystem as secure as factoring, in Advances in Cryptology—EUROCRYPT’98, ed. by K. Nyberg. Lecture Notes in Computer Science, vol. 1403 (Springer, Berlin, 1998), pp. 308–318
T. Okamoto, S. Uchiyama, E. Fujisaki, EPOC: Efficient probabilistic public-key encryption. Submission to IEEE P1363. http://info.isl.ntt.co.jp/epoc
C. Peikert, B. Waters, Lossy trapdoor functions and their applications, in Proceedings of the 40th Annual ACM Symposium on Theory of Computing (STOC’08) (2008)
D.H. Phan, D. Pointcheval, OAEP 3-round: A generic and secure asymmetric encryption padding, in Advances in Cryptology—Asiacrypt 2004, ed. by P.J. Lee. Lecture Notes in Computer Science, vol. 3329 (Springer, Berlin, 2004), pp. 63–78
D. Pointcheval, Chosen-ciphertext security for any one-way cryptosystem, in 3rd International Workshop on Practice and Theory in Public Key Cryptography—PKC’00, ed. by H. Imai, Y. Zheng. Lecture Notes in Computer Science, vol. 1751 (Springer, Berlin, 2000), pp. 129–146
C. Rackoff, D. Simon, Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack, in Advances in Cryptology—CRYPTO’91, ed. by J. Feigenbaum. Lecture Notes in Computer Science, vol. 576 (Springer, Berlin, 1992), pp. 433–444
A. Rosen, G. Segev, Chosen-ciphertext security via correlated products, in Theory of Cryptography—TCC 2009, ed. by O. Reingold. Lecture Notes in Computer Science, vol. 5444 (Springer, Berlin, 2009), pp. 419–436
A. Sahai, Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security, in Proceedings of the 40th IEEE Annual Symposium on Foundations of Computer Science (FOCS’99) (1999), pp. 543–553
K. Sakurai, T. Takagi, A reject timing attack on an IND-CCA2 public-key cryptosystem, in ICISC’02. Lecture Notes in Computer Science, vol. 2587 (Springer, Berlin, 2001), pp. 359–373
V. Shoup, OAEP reconsidered, in Advances in Cryptology—CRYPTO 2001, ed. by J. Kilian. Lecture Notes in Computer Science, vol. 2139 (Springer, Berlin, 2001), pp. 239–259
V. Shoup, A proposal for an ISO standard for public key encryption. Technical report, Cryptology ePrint Archive, Report 2001/112, December 2001
H. Wee, Efficient chosen-ciphertext security via extractable hash proofs, in CRYPTO, ed. by T. Rabin. Lecture Notes in Computer Science, vol. 6223 (Springer, Berlin, 2010), pp. 314–332
Y. Zheng, J. Seberry, Immunizing public key cryptosystems against chosen ciphertext attacks. J. Sel. Areas Commun. 11(5) (1993)
Additional information
Communicated by Dan Boneh
This is the full version of the paper [18]; it fixes bugs in the original and provides a clean, formal proof with a better security bound.
Cite this article
Fujisaki, E., Okamoto, T. Secure Integration of Asymmetric and Symmetric Encryption Schemes. J Cryptol 26, 80–101 (2013). https://doi.org/10.1007/s00145-011-9114-1