Strong Adaptive Chosen-Ciphertext Attacks
Authors
Abstract
This paper presents a new type of powerful cryptanalytic attack on public-key cryptosystems, extending the more commonly studied adaptive chosen-ciphertext attacks. In the new attacks, an adversary is not only allowed to submit to a decryption oracle (valid or invalid) ciphertexts of her choice, but also to emit a "dump query" prior to the completion of a decryption operation. The dump query returns intermediate results that have not been erased in the course of the decryption operation, thereby allowing the adversary to gain vital advantages in breaking the cryptosystem. We believe that the new attack model more closely approximates existing security systems. We examine its power by demonstrating that most existing public-key cryptosystems, including OAEP-RSA, are vulnerable to our extended attacks.
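The following simulation is an added illustration of the attack model described in the abstract; it is not code from the paper. It assumes a constructed toy RSA key (fixed small primes), a simplified "message || tag" padding standing in for OAEP's redundancy check, and a decryption oracle whose `dump()` method returns whatever intermediate value is still resident after a decryption call, which is how the paper's dump query is modelled here. The leaky oracle decrypts first and validates second without wiping the raw RSA output, so an adversary holding a target ciphertext can submit a multiplicatively blinded copy, let validation reject it, dump the leftover intermediate and unblind it. The second oracle shows the mitigation the model motivates: wipe intermediates before control returns, so the dump query yields nothing.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA parameters: fixed small primes so the run is deterministic.
# Real deployments use 2048-bit-plus moduli; these sizes are for illustration only.
P, Q = 10007, 10009
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+ modular inverse)
TAG_BITS = 8                          # width of the toy redundancy tag


def tag(m: int) -> int:
    """Toy integrity tag standing in for OAEP's redundancy check (assumption, not real OAEP)."""
    return hashlib.sha256(m.to_bytes(4, "big")).digest()[0]


def encode(m: int) -> int:
    """Pad m as (m || tag(m)); a wrong tag marks the decrypted value as malformed."""
    return (m << TAG_BITS) | tag(m)


def decode(x: int):
    """Validation step: return m if the tag checks out, else None (ciphertext rejected)."""
    m, t = x >> TAG_BITS, x & ((1 << TAG_BITS) - 1)
    return m if t == tag(m) else None


def encrypt(m: int) -> int:
    assert 0 <= m < (N >> TAG_BITS), "message too large for the toy modulus"
    return pow(encode(m), E, N)


class LeakyOracle:
    """Decrypts first, validates second, and never erases the raw RSA output.
    dump() models the paper's dump query: it returns whatever intermediate
    state is still resident after the decryption call."""

    def __init__(self):
        self.scratch = None

    def decrypt(self, c: int):
        self.scratch = pow(c, D, N)      # intermediate: padded plaintext, not yet validated
        return decode(self.scratch)      # None for a malformed ciphertext

    def dump(self):
        return self.scratch


class ErasingOracle(LeakyOracle):
    """Same order of operations, but the intermediate is wiped before control
    returns, so a subsequent dump query sees nothing."""

    def decrypt(self, c: int):
        x = pow(c, D, N)
        try:
            return decode(x)
        finally:
            x = 0
            self.scratch = None


def blinding_attack(oracle, target_c: int):
    """Recover the plaintext of target_c without ever submitting target_c itself:
    submit a blinded ciphertext (rejected by validation with overwhelming
    probability), dump the leftover intermediate, and unblind it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    c_blind = (target_c * pow(r, E, N)) % N
    oracle.decrypt(c_blind)              # validation almost surely fails: returns None
    leaked = oracle.dump()
    if leaked is None:
        return None                      # nothing resident: the dump query gained nothing
    padded = (leaked * pow(r, -1, N)) % N   # remove the blinding factor
    return decode(padded)


if __name__ == "__main__":
    c = encrypt(123456)
    print("leaky oracle   :", blinding_attack(LeakyOracle(), c))    # 123456
    print("erasing oracle :", blinding_attack(ErasingOracle(), c))  # None
```

The blinded ciphertext is a different value from the target, so a decryption oracle that merely refuses the challenge ciphertext does not stop this; what matters is whether the raw exponentiation result survives a rejected validation long enough to be read out.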
Similar sources
Strong Adaptive Chosen-Ciphertext Attacks with Memory Dump (or: The Importance of the Order of Decryption and Validation)
Security Analysis of Signcryption Scheme from q-Diffie-Hellman Problems
SUMMARY In this paper, we analyse the Libert-Quisquater q-DH signcryption scheme proposed in SCN'2004. Although the paper proved that their scheme is secure against adaptive chosen ciphertext attacks in the random oracle model, we disprove their claim and show that their scheme is not even secure against non-adaptive chosen ciphertext attacks, which is weaker security than the adaptive c...
How to Enhance the Security of Public-Key Encryption at Minimum Cost
This paper presents a simple and generic conversion from a public-key encryption scheme which is indistinguishable against chosen-plaintext attacks into a public-key encryption scheme which is indistinguishable against adaptive chosen-ciphertext attacks in the random oracle model. The scheme obtained by the conversion is as efficient as the original encryption scheme and the security reduction is ...
Protecting NTRU Against Chosen Ciphertext and Reaction Attacks
This report describes how the Fujisaki-Okamoto Self-Referential Technique (FOSRT) can be used to make the NTRU Public Key Cryptosystem resistant to adaptive chosen ciphertext attacks and to reaction attacks. Many asymmetric ciphers are susceptible to (adaptive) chosen ciphertext attacks. An attacker sends a series of purported ciphertexts e1, e2, . . . and uses the decryptions to deduce informat...
Note for Technical Report #007 Version 2. The material on OAEP in this report has been superseded by NTRU Technical Report #016, "Protecting NTRU against Chosen Ciphertext and Reaction Attacks," available at
RSA and Bell Labs [2, 3] have recently announced a potential attack on certain public key protocols, along with several suggested countermeasures. The most secure of these countermeasures uses the concept of plaintext awareness, which means that it should be infeasible to construct a valid ciphertext without knowing the corresponding plaintext. Failure to be plaintext aware may open a cryptosystem ...
Publication date: 2001