GEM: A Generic Chosen-Ciphertext Secure Encryption Method

  • Jean-Sébastien Coron 
  • Helena Handschuh
  • Marc Joye
  • Pascal Paillier
  • David Pointcheval
  • Christophe Tymen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2271)

Abstract

This paper proposes an efficient and provably secure transform to encrypt a message with any asymmetric one-way cryptosystem. The resulting scheme achieves adaptive chosen-ciphertext security in the random oracle model.

Compared to previously known generic constructions (Bellare, Rogaway, Fujisaki, Okamoto, and Pointcheval), our embedding reduces the encryption size and/or speeds up the decryption process. It applies to numerous cryptosystems, including (to name a few) ElGamal, RSA, Okamoto-Uchiyama and Paillier systems.

Keywords

Public-key encryption, hybrid encryption, chosen-ciphertext security, random oracle model, generic conversion, block ciphers, stream ciphers

References

  1. Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. Relations among notions of security for public-key encryption schemes. Full paper (30 pages), February 1999. An extended abstract appears in H. Krawczyk, ed., Advances in Cryptology-CRYPTO'98, volume 1462 of Lecture Notes in Computer Science, pages 26–45, Springer-Verlag, 1998.
  2. Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62–73. ACM Press, 1993.
  3. Mihir Bellare and Phillip Rogaway. Optimal asymmetric encryption. In A. De Santis, editor, Advances in Cryptology-EUROCRYPT'94, volume 950 of Lecture Notes in Computer Science, pages 92–111. Springer-Verlag, 1995.
  4. Victor Boyko. On the security properties of OAEP as an all-or-nothing transform. Full paper (28 pages), August 1999. An extended abstract appears in M. Wiener, ed., Advances in Cryptology-CRYPTO'99, volume 1666 of Lecture Notes in Computer Science, pages 503–518, Springer-Verlag, 1999.
  5. Eiichiro Fujisaki and Tatsuaki Okamoto. How to enhance the security of public-key encryption at minimum cost. IEICE Transaction on Fundamentals of Electronic Communications and Computer Science E83-A(1): 24–32, January 2000.
  6. Eiichiro Fujisaki and Tatsuaki Okamoto. Secure integration of asymmetric and symmetric encryption schemes. In M. Wiener, editor, Advances in Cryptology-CRYPTO'99, volume 1666 of Lecture Notes in Computer Science, pages 537–554. Springer-Verlag, 1999.
  7. Eiichiro Fujisaki, Tatsuaki Okamoto, David Pointcheval, and Jacques Stern. RSA-OAEP is secure under the RSA assumption. In J. Kilian, editor, Advances in Cryptology-CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 260–274. Springer-Verlag, 2001.
  8. Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology-CRYPTO'97, volume 1294 of Lecture Notes in Computer Science, pages 46–74. Springer-Verlag, 1997.
  9. Oded Goldreich. Modern cryptography, probabilistic proofs and pseudo-randomness, volume 17 of Algorithms and Combinatorics. Springer-Verlag, 1999.
  10. Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28:270–299, 1984.
  11. Moni Naor and Moti Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In 22nd ACM Annual Symposium on the Theory of Computing (STOC'90), pages 427–437. ACM Press, 1990.
  12. Tatsuaki Okamoto and David Pointcheval. REACT: Rapid Enhanced-security Asymmetric Cryptosystem Transform. In D. Naccache, editor, Topics in Cryptology-CT-RSA 2001, volume 2020 of Lecture Notes in Computer Science, pages 159–175. Springer-Verlag, 2001.
  13. David Pointcheval. Chosen-ciphertext security for any one-way cryptosystem. In H. Imai and Y. Zheng, editors, Public Key Cryptography, volume 1751 of Lecture Notes in Computer Science, pages 129–146. Springer-Verlag, 2000.
  14. Charles Rackoff and Daniel R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In J. Feigenbaum, editor, Advances in Cryptology-CRYPTO'91, volume 576 of Lecture Notes in Computer Science, pages 433–444. Springer-Verlag, 1992.
  15. Ronald L. Rivest. All-or-nothing encryption and the package transform. In E. Biham, editor, Fast Software Encryption, volume 1267 of Lecture Notes in Computer Science, pages 210–218. Springer-Verlag, 1997.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Jean-Sébastien Coron (1)
  • Helena Handschuh (1)
  • Marc Joye (2)
  • Pascal Paillier (1)
  • David Pointcheval (3)
  • Christophe Tymen (1, 3)

  1. Gemplus Card International, Issy-les-Moulineaux, France
  2. Gemplus Card International, Gémenos Cedex, France
  3. Computer Science Department, École Normale Supérieure, Paris Cedex 05, France
