A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks

Jan Camenisch, Nishanth Chandran, Victor Shoup

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

Abstract

Recently, at Crypto 2008, Boneh, Halevi, Hamburg, and Ostrovsky (BHHO) solved the long-standing open problem of "circular encryption," by presenting a public key encryption scheme and proving that it is semantically secure against key dependent chosen plaintext attack (KDM-CPA security) under standard assumptions (and without resorting to random oracles). However, they left as an open problem that of designing an encryption scheme that simultaneously provides security against both key dependent chosen plaintext and adaptive chosen ciphertext attack (KDM-CCA2 security). In this paper, we solve this problem. First, we show that by applying the Naor-Yung "double encryption" paradigm, one can combine any KDM-CPA secure scheme with any (ordinary) CCA2 secure scheme, along with an appropriate non-interactive zero-knowledge proof, to obtain a KDM-CCA2 secure scheme. Second, we give a concrete instantiation that makes use of the above KDM-CPA secure scheme of BHHO, along with a generalization of the Cramer-Shoup CCA2 secure encryption scheme, and recently developed pairing-based NIZK proof systems. This instantiation increases the complexity of the BHHO scheme by just a small constant factor.

Original language: English (US)
Title of host publication: Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Pages: 351-368
Number of pages: 18
Volume: 5479 LNCS
DOIs: https://doi.org/10.1007/978-3-642-01001-9_20
State: Published - 2009
Event: 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009 - Cologne, Germany
Duration: Apr 26 2009 to Apr 30 2009

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 5479 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2009
Country: Germany
City: Cologne
Period: 4/26/09 to 4/30/09

Fingerprint

Public Key Encryption
Cryptography
Attack
Dependent
Encryption
Open Problems
Zero-knowledge Proof
Random Oracle
Proof System
Pairing
Paradigm

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Camenisch, J., Chandran, N., & Shoup, V. (2009). A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks. In Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings (Vol. 5479 LNCS, pp. 351-368). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5479 LNCS). https://doi.org/10.1007/978-3-642-01001-9_20

@inproceedings{b3a2bd0429094d30b6ba5000d5517799,
title = "A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks",
author = "Jan Camenisch and Nishanth Chandran and Victor Shoup",
year = "2009",
doi = "10.1007/978-3-642-01001-9_20",
language = "English (US)",
isbn = "3642010008",
volume = "5479 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "351--368",
booktitle = "Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",

}

TY - GEN

T1 - A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks

AU - Camenisch, Jan

AU - Chandran, Nishanth

AU - Shoup, Victor

PY - 2009

Y1 - 2009

UR - http://www.scopus.com/inward/record.url?scp=67650691588&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67650691588&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-01001-9_20

DO - 10.1007/978-3-642-01001-9_20

M3 - Conference contribution

SN - 3642010008

SN - 9783642010002

VL - 5479 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 351

EP - 368

BT - Advances in Cryptology - EUROCRYPT 2009 - 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings

ER -