A Note on “on Ciphertext Undetectability”
نویسندگان
چکیده
The notion of ciphertext undetectability was introduced in [Gaži, P. – Stanek, M.: On ciphertext undetectability, Tatra Mt. Math. Publ. 41 (2008), 133–151] as a steganographic property of an encryption scheme. While finding the relationship between ciphertext undetectability and indistinguishability of encryptions, authors showed that ciphertext undetectability does not imply indistinguishability. Though the proposition is correct, the proof is not. In this note, we provide a correct proof of the above-mentioned result by a slight modification of the construction used in original paper cited above.
منابع مشابه
On Ciphertext Undetectability
We propose a novel security notion for public-key encryption schemes – ciphertext undetectability. Informally, an encryption scheme has the property of ciphertext undetectability, if the attacker is unable to distinguish between valid and invalid ciphertexts. We compare this notion with the established ones, such as indistinguishability of ciphertexts and plaintext awareness. We analyze the pos...
متن کاملNote for Technical Report #007 Version 2. the Material on Oaep in This Report Has Been Superceded by Ntru Technical Report #016, " Protecting Ntru against Chosen Ciphertext and Reaction Attacks, " Available At
RSA and Bell Labs [2, 3] have recently announced a potential attack on certain public key protocols, along with several suggested countermeasures. The most secure of these countermeasures uses the concept of plaintext aware, which means that it should be infeasible to construct a valid ciphertext without knowing the corresponding plaintext. Failure to be plaintext aware may open a cryptosystem ...
متن کاملA Note on An Encryption Scheme of Kurosawa and Desmedt
Recently, Kurosawa and Desmedt presented a new hybrid encryption scheme which is secure against adaptive chosen-ciphertext attack. Their scheme is a modification of the Cramer-Shoup encryption scheme. Its major advantage with respect to CramerShoup is that it saves the computation of one exponentiation and produces shorter ciphertexts. However, the proof presented by Kurosawa and Desmedt relies...
متن کاملThe Kurosawa-Desmedt Key Encapsulation is not Chosen-Ciphertext Secure
At CRYPTO 2004, Kurosawa and Desmedt presented a hybrid public-key encryption scheme that is chosen-ciphertext secure in the standard model. Until now it was unknown if the key-encapsulation part of the Kurosawa-Desmedt scheme by itself is still chosenciphertext secure or not. In this short note we answer this question to the negative, namely we present a simple chosen-ciphertext attack on the ...
متن کاملA Characterization of Authenticated-Encryption as a Form of Chosen-Ciphertext Security
In this note we introduce a variation of the standard definition of chosen-ciphertext security, which we call IND-CCA3, and prove that IND-CCA3 is equivalent to authenticated-encryption.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014