Secure ElGamal-Type Cryptosystems Without Message Encoding
ElGamal cryptosystem is one of the oldest public-key cryptosystems. It is known to be semantically secure for arbitrary messages in the random oracle model under the decisional Diffie-Hellman assumption. Semantic security also holds in the standard model when messages are encoded as elements in the group for which the decisional Diffie-Hellman assumption is defined. This paper introduces a setting and companion cryptosystem where semantic security can be proved in the standard model without message encoding. Extensions achieving security against chosen-ciphertext attacks are also provided.
KeywordsHash Function Security Parameter Message Space Security Notion Challenge Ciphertext
- 1.Bellare, M., Rogaway, P., Random oracles are practical: a paradigm for designing efficient protocols. In: 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press (1993)Google Scholar
- 12.Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: 21st Annual ACM Symposium on Theory of Computing, pp. 33–43. ACM Press (1989)Google Scholar
- 13.Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: 22nd Annual ACM Symposium on Theory of Computing, pp. 427–437. ACM Press (1990)Google Scholar
- 14.Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)Google Scholar