Security of Signed ElGamal Encryption
نویسندگان
چکیده
Assuming a cryptographically strong cyclic group G of prime order q and a random hash function H, we show that ElGamal encryption with an added Schnorr signature is secure against the adaptive chosen ciphertext attack, in which an attacker can freely use a decryption oracle except for the target ciphertext. We also prove security against the novel one-more-decyption attack. Our security proofs are in a new model, corresponding to a combination of two previously introduced models, the Random Oracle model and the Generic model. The security extends to the distributed threshold version of the scheme. Moreover, we propose a very practical scheme for private information retrieval that is based on blind decryption of ElGamal ciphertexts.
منابع مشابه
On the Hardness of Proving CCA-Security of Signed ElGamal
The well-known Signed ElGamal scheme consists of ElGamal encryption with a non-interactive Schnorr proof of knowledge. While this scheme should be intuitively secure against chosen-ciphertext attacks in the random oracle model, its security has not yet been proven nor disproven so far, without relying on further non-standard assumptions like the generic group model. Currently, the best known po...
متن کاملZero-knowledge proofs in theory and practice
Zero-knowledge proof schemes are one of the main building blocks of modern cryptography. Using the Helios voting protocol as a practical example, we show mistakes in the previous understanding of these proof schemes and the resulting security problems. We proceed to deVne a hierarchy of security notions that solidiVes our understanding of proof schemes: weak proof schemes, strong proof schemes ...
متن کاملA Robust and Plaintext-Aware Variant of Signed ElGamal Encryption
Adding a Schnorr signature to ElGamal encryption is a popular proposal aiming at thwarting chosen-ciphertext attacks by rendering the scheme plaintext-aware. However, there is no known security proof for the resulting scheme, at least not in a weaker model than the one obtained by combining the Random Oracle Model (ROM) and the Generic Group Model (Schnorr and Jakobsson, ASIACRYPT 2000). In thi...
متن کاملA CCA Secure Hybrid Damgård's ElGamal Encryption
ElGamal encryption, by its efficiency, is one of the most used schemes in cryptographic applications. However, the original ElGamal scheme is only provably secure against passive attacks. Damg̊ard proposed a slight modification of ElGamal encryption scheme (named Damg̊ard’s ElGamal scheme) that provides security against non-adaptive chosen ciphertext attacks under a knowledge-of-exponent assumpti...
متن کاملThe Group of Signed Quadratic Residues and Applications
We consider the cryptographic group of Signed Quadratic Residues. This group is particularly useful for cryptography since it is a “gap-group,” in which the computational problem (i.e., computing square roots) is as hard as factoring, while the corresponding decisional problem (i.e., recognizing signed quadratic residues) is easy. We are able to show that under the factoring assumption, the Str...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2000