Efficient Key Encapsulation to Multiple Parties
We present the notion of an mKEM, which is a Key Encapsulation Mechanism (KEM) which takes multiple public keys as input. This has applications where one wishes to encrypt a single large document to a set of multiple recipients, as when one sends an encrypted email to more than one person. We present a security definition and show that the naive approach to implementing an mKEM is secure under this definition. We then go on to present a more efficient construction of an mKEM, which is secure in the random oracle model.
KeywordsRandom Oracle Security Parameter Random Oracle Model Multiple Party Decryption Oracle
Unable to display preview. Download preview PDF.
- 1.Abdalla, M., Bellare, M., Rogaway, P.: DHAES: An encryption scheme based on the Diffie–Hellman problem. Preprint (1999)Google Scholar
- 4.Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen-ciphertext attack. Preprint (2002)Google Scholar
- 5.Shoup, V.: A proposal for the ISO standard for public-key encryption (version 2.0). Preprint (2001)Google Scholar