MAC-free variant of KD04
نویسندگان
چکیده
Kurosawa and Desmedt proposed an efficient hybrid encryption scheme(KD04) which is secure against adaptive chosen ciphertext attacks(IND-CCA) although the underlying KEM(key encapsulation mechanism) is not IND-CCA secure[11]. We show a variant of KD04 which is IND-CCA secure when the the underlying DEM part is IND-CCA secure. We need a DEM built from one-time symmetric encryption scheme and a MAC in the security reduction to check if the KEM part of a ciphertext is valid. However in the real situation we can check if the KEM part of the ciphertext is valid without the help of the MAC. So the hybrid encryption scheme can also use redundancy-free IND-CCA secure DEMs that avoid the overhead due to the MAC. When using redundancy-free(MAC-free) IND-CCA secure DEMs, the new scheme will be more efficient than KD04 in bandwidth.
منابع مشابه
Influence of Magnetic Wire Positions on free convection of Fe3O4-Water nanofluid in a Square Enclosure Utilizing with MAC Algorithm
The augment of heat transfer and fluid of buoyancy-driven flow of Fe3O4-Water nanofluid in a square cavity under the influence of an external magnetic field is studied numerically. Cold temperature is applied on the side (vertical) walls and high temperature is imposed on the bottom wall while the top wall is kept at thermally insulated. The governing non-dimensional differential equations are ...
متن کاملRevisit of chosen ciphertext secure public key encryption in standard model
We revisit the chosen ciphertext secure public key encryption schemes in standard model including Cramer-Shoup’s scheme(CS98) and KurosawaDesmedt’s scheme(KD04). We get the simplified version of CS98 and KD04. The simplified schemes are more efficient than the original schemes, and also provable secure against chosen ciphertext attack in standard model.
متن کاملA new paradigm of chosen ciphertext secure public key encryption scheme
For all current adaptive chosen ciphertext(CCA) secure public key encryption schemes in standard model there are two operations in the decryption algorithm, “validity check” and decryption. The decryption algorithm returns the corresponding plaintext if the ciphertext is valid otherwise it returns a rejection symbol ⊥. We call this paradigm “invalid ciphertext rejection”. However the “validity ...
متن کاملA three-dimensional mathematical model for drug delivery from drug-eluting stents
Current drug-eluting stent (DES) technology is not optimized with regard to the pharmacokinetics of drug release, more research on the <span style="font-size: 12pt; color: #000000; font-style: normal; ...
متن کاملAn Update on the Analysis and Design of NMAC and HMAC Functions
In this paper, we investigate the issues in the analysis and design of provably secure message authentication codes (MACs) Nested MAC (NMAC) and Hash based MAC (HMAC) proposed by Bellare, Canetti and Krawczyk. First, we provide security analysis of NMAC using weaker assumptions than stated in its proof of security. This analysis shows that, theoretically, one cannot further weaken the assumptio...
متن کامل