A Public-Key Encryption Scheme with Pseudo-random Ciphertexts

  • Bodo Möller
Conference paper

DOI: 10.1007/978-3-540-30108-0_21

Part of the Lecture Notes in Computer Science book series (LNCS, volume 3193)
Cite this paper as:
Möller B. (2004) A Public-Key Encryption Scheme with Pseudo-random Ciphertexts. In: Samarati P., Ryan P., Gollmann D., Molva R. (eds) Computer Security – ESORICS 2004. ESORICS 2004. Lecture Notes in Computer Science, vol 3193. Springer, Berlin, Heidelberg


This work presents a practical public-key encryption scheme that offers security under adaptive chosen-ciphertext attack (CCA) and has pseudo-random ciphertexts, i.e. ciphertexts indistinguishable from random bit strings. Ciphertext pseudo-randomness has applications in steganography. The new scheme features short ciphertexts due to the use of elliptic curve cryptography, with ciphertext pseudo-randomness achieved through a new key encapsulation mechanism (KEM) based on elliptic curve Diffie-Hellman with a pair of elliptic curves where each curve is a twist of the other. The public-key encryption scheme resembles the hybrid DHIES construction; besides by using the new KEM, it differs from DHIES in that it uses an authenticate-then-encrypt (AtE) rather than encrypt-then-authenticate (EtA) approach for symmetric cryptography.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Bodo Möller
    • 1
  1. 1.University of CaliforniaBerkeley

Personalised recommendations