A New Randomness Extraction Paradigm for Hybrid Encryption
نویسندگان
چکیده
We present a new approach to the design of IND-CCA2 secure hybrid encryption schemes in the standard model. Our approach provides an efficient generic transformation from 1-universal to 2universal hash proof systems. The transformation involves a randomness extractor based on a 4-wise independent hash function as the key derivation function. Our methodology can be instantiated with efficient schemes based on standard intractability assumptions such as Decisional Diffie-Hellman, Quadratic Residuosity, and Paillier’s Decisional Composite Residuosity. Interestingly, our framework also allows to prove IND-CCA2 security of a hybrid version of 1991’s Damg̊ard’s ElGamal public-key encryption scheme under the DDH assumption.
منابع مشابه
Extensions of Public-Key, Identity-Based and Certificateless Encryption Schemes
In this work, we first study extensions and applications of the identity-based encryption (IBE) primitive, focusing on generic constructions. We first define what is meant by an identity-based key encapsulation mechanism before extending it to the multi-recipient setting. We then propose an efficient multi-recipient scheme based on bilinear maps and then move on to investigate the properties of...
متن کاملRandomness Re-use in Multi-recipient Encryption Schemeas
Kurosawa showed how one could design multi-receiver encryption schemes achieving savings in bandwidth and computation relative to the naive methods. We broaden the investigation. We identify new types of attacks possible in multi-recipient settings, which were overlooked by the previously suggested models, and specify an appropriate model to incorporate these types of attacks. We then identify ...
متن کاملSecure Hybrid Encryption from Weakened Key Encapsulation
We put forward a new paradigm for building hybrid encryption schemes from constrained chosen-ciphertext secure (CCCA) key-encapsulation mechanisms (KEMs) plus authenticated symmetric encryption. Constrained chosen-ciphertext security is a new security notion for KEMs that we propose. CCCA has less demanding security requirements than standard chosen-ciphertext (CCA) security (since it requires ...
متن کاملProvably Secure Encrypt-then-Sign Composition in Hybrid Signcryption
To make authenticated encryption which provides confidentiality and authenticity of a message simultaneously, a signcryption scheme uses asymmetric primitives, such as an asymmetric encryption scheme for confidentiality and a signature scheme for authentication. Among the signcryption schemes, the hybrid signcryption schemes are the signcryption schemes that use a key agreement scheme to exchan...
متن کاملSeparating Sources for Encryption and Secret Sharing
Most cryptographic primitives such as encryption, authentication or secret sharing require randomness. Usually one assumes that perfect randomness is available, but those primitives might also be realized under weaker assumptions. In this work we continue the study of building secure cryptographic primitives from imperfect random sources initiated by Dodis and Spencer (FOCS’02). Their main resu...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008