Public Key Encryption without Random Oracle Made Truly Practical

  • Puwen Wei
  • Xiaoyun Wang
  • Yuliang Zheng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5927)

Abstract

An important research area in the past decade is to search for efficient cryptographic schemes that do not rely for their security on the controversial random oracle assumption. In this paper, we continue this line of endeavors and report our success in identifying a very efficient public key encryption scheme whose formal security proof does not require a random oracle. Specifically, we show how to modify a universal hash based public key encryption scheme proposed by Zheng and Seberry at Crypto’92, in such a way that the resultant scheme not only preserves efficiency but also admits provable security against adaptive chosen ciphertext attack without a random oracle. We also compare the modified Zheng-Seberry scheme with related encryption schemes in terms of efficiency and underlying assumptions, supporting our conclusion that the modified Zheng-Seberry scheme is preferable to its competitors.

Keywords

random oracle; universal hash; public key encryption

References

  1. Abdalla, M., Bellare, M., Rogaway, P.: The oracle Diffie-Hellman assumptions and an analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)
  2. Baek, J., Zheng, Y.: Zheng and Seberry's public key encryption scheme revisited. International Journal of Information Security (IJIS) 2(1), 37–44 (2003)
  3. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: First ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press (1993)
  4. Bellare, M., Rogaway, P.: Optimal asymmetric encryption: how to encrypt with RSA. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)
  5. Bellare, M., Rogaway, P.: Minimizing the use of random oracles in authenticated encryption schemes. In: Han, Y., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 1–16. Springer, Heidelberg (1997)
  6. Bernstein, D.J.: Polynomial evaluation and message authentication (2007), http://cr.yp.to/papers.html#pema
  7. Boldyreva, A., Fischlin, M.: On the security of OAEP. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 210–225. Springer, Heidelberg (2006)
  8. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. In: STOC 1998, pp. 209–218. ACM Press, New York (1998)
  9. Carter, J.L., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences 18(2), 143–154 (1979)
  10. Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)
  11. Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)
  12. den Boer, B.: A simple and key-economical unconditional authentication scheme. Journal of Computer Security 2(1), 65–71 (1993)
  13. Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. SIAM Journal on Computing 30(2), 391–437 (2000)
  14. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)
  15. Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP is secure under the RSA assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260–274. Springer, Heidelberg (2001)
  16. Gennaro, R., Shoup, V.: A note on an encryption scheme of Kurosawa and Desmedt (2005), http://www.shoup.net/papers/kdnote.pdf
  17. Hofheinz, D., Kiltz, E.: Secure hybrid encryption from weakened key encapsulation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (2007)
  18. Hofheinz, D., Kiltz, E.: Practical chosen ciphertext secure encryption from factoring. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 313–332. Springer, Heidelberg (2009)
  19. Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: STOC 1989, pp. 12–24. ACM Press, New York (1989)
  20. Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A new randomness extraction paradigm for hybrid encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 589–608. Springer, Heidelberg (2009)
  21. Krawczyk, H.: On extract-then-expand key derivation functions and an HMAC-based KDF (2008), http://www.ee.technion.ac.il/~hugo/kdf/
  22. Kurosawa, K., Desmedt, Y.: A new paradigm of hybrid encryption scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)
  23. Leurent, G., Nguyen, P.Q.: How risky is the random oracle model? In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 445–464. Springer, Heidelberg (2009)
  24. Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: STOC 1990, pp. 427–437. ACM Press, New York (1990)
  25. Pandey, O., Pass, R., Vaikuntanathan, V.: Adaptive one-way functions and applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 57–74. Springer, Heidelberg (2008)
  26. Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)
  27. Shoup, V.: Using hash functions as a hedge against chosen ciphertext attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 275–288. Springer, Heidelberg (2000)
  28. Shoup, V.: OAEP reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001)
  29. Soldera, D., Seberry, J., Qu, C.: The analysis of Zheng-Seberry scheme. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 159–168. Springer, Heidelberg (2002)
  30. Zheng, Y., Seberry, J.: Immunizing public key cryptosystems against chosen ciphertext attacks. IEEE Journal on Selected Areas in Communications 11(5), 715–724 (1993)

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Puwen Wei (1)
  • Xiaoyun Wang (1, 2)
  • Yuliang Zheng (3)
  1. Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
  2. Institute for Advanced Study, Tsinghua University, Beijing, China
  3. Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, USA