A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack

  • Ronald Cramer
  • Victor Shoup
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)

Abstract

A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions. There appears to be no previous cryptosystem in the literature that enjoys both of these properties simultaneously.

Copyright information

© Springer-Verlag 1998

Authors and Affiliations

  • Ronald Cramer (1)
  • Victor Shoup (2)
  1. Institute for Theoretical Computer Science, ETH Zurich, Zurich, Switzerland
  2. IBM Zurich Research Laboratory, Rüschlikon, Switzerland