Relations among notions of security for public-key encryption schemes

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)

Abstract

We compare the relative strengths of popular notions of security for public key encryption schemes. We consider the goals of privacy and non-malleability, each under chosen plaintext attack and two kinds of chosen ciphertext attack. For each of the resulting pairs of definitions we prove either an implication (every scheme meeting one notion must meet the other) or a separation (there is a scheme meeting one notion but not the other, assuming the first notion can be met at all). We similarly treat plaintext awareness, a notion of security in the random oracle model. An additional contribution of this paper is a new definition of non-malleability which we believe is simpler than the previous one.

Keywords

  • Encryption Scheme
  • Random Oracle
  • Random Oracle Model
  • Challenge Ciphertext
  • Decryption Oracle

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bellare, M., Desai, A., Pointcheval, D., Rogaway, P. (1998). Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (eds) Advances in Cryptology — CRYPTO '98. CRYPTO 1998. Lecture Notes in Computer Science, vol 1462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055718

  • DOI: https://doi.org/10.1007/BFb0055718

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64892-5

  • Online ISBN: 978-3-540-68462-6

  • eBook Packages: Springer Book Archive