48 citations found. Retrieving documents...
R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. Eurocrypt '02.

 Home/Search   Document Details and Download   Summary   Related Articles   Check  

This paper is cited in the following contexts:
New Semantically Secure Public-Key Cryptosystems from the.. - Sakurai, Takagi (2001)   (2 citations)  (Correct)

....computational small e root problem (C SR) problem, which computes x 2 ZZ=nZZ from given x . They also proved that the semantic security of the S Paillier scheme Recently, Cramer and Shoup proposed IND CCA cryptosystems based on the Paillier cryptosystem or the Goldwasser Micali cryptosystem [CS01]. 1 Introduction 3 is as hard as to solve the decisional small e root problem (D SR) problem, which decides whether y 2 ZZ=n ZZ is represented as y = x for x 2 ZZ=nZZ. Contributions of this paper In this paper we investigate the security of the S Paillier cryptosystem. At rst we prove ....

R. Cramer and V. Shoup, \Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-Key encryption ," Cryptology ePrint Archive, IACR, http://eprint.iacr.org/, 2001.

Fujisaki-Okamoto IND-CCA hybrid encryption revisited - Galindo, Martín.. (2003)   (2 citations)  (Correct)

....or the length of the messages that can be encrypted. However, to develop a practical provably secure cryptosystem in the sense of INDCCA is a quite di#cult task. In fact, few such schemes are known in the standard model, being the exceptions the schemes designed in the Cramer Shoup paradigm [7]. In the idealized Random Oracle Model [2] several powerful generic constructions have been designed [10, 17, 14, 5] which provide practical IND CCA schemes from weak asymmetric and symmetric schemes. Among these constructions, 14, 5] present a better security reduction than [10, 17] This is ....

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. EUROCRYPT '2002, LNCS 2332 45--64 (2002).

A Framework for Password-Based Authenticated Key Exchange - Gennaro, Lindell (2003)   (19 citations)  (Correct)

....a framework for password based authenticated key exchange protocols in the common reference string model. Our construction is an abstraction of the KOY protocol [21] and uses non malleable commitments [14] one time signature schemes and the smooth projective hash functions of Cramer and Shoup [10]. The advantages of this abstraction are as follows: 1. The security of the resulting protocol can be intuitively understood. Our work can thus also be seen as an explanation of the KOY protocol (in a similar way to the fact that [10] can be seen as an explanation of [9] 2. The proof of our ....

....and the smooth projective hash functions of Cramer and Shoup [10] The advantages of this abstraction are as follows: 1. The security of the resulting protocol can be intuitively understood. Our work can thus also be seen as an explanation of the KOY protocol (in a similar way to the fact that [10] can be seen as an explanation of [9] 2. The proof of our protocol is significantly simpler than that of [21] although there are definite similarities in the high level overview of the proof (see [20] for a full proof of the [21] protocol) Having abstracted out the building blocks of the ....

[Article contains additional citation context not shown here]

R. Cramer and V.Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In Eurocrypt 2002.

A semantically secure elliptic curve RSA scheme.. - Galindo.. (2002)   (Correct)

....IND CCA for short, can be given in the random oracle model applying the technique introduced by Pointcheval in [14] It would be interesting to provide IND CCA security in the standard model to Catalano et al. scheme as well as to ours. To achieve this goal, the recent work of Cramer and Shoup [5] could provide useful ideas. Since the publication of Paillier s crytosystem [12] several new decisional assumptions have been formulated (e.g in [3] 7] 8] There is little knowledge about the validity of these assumptions, and a careful study of it would be worthwhile. ....

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertex Secure Public-Key Encryption. Paper accepted at EUROCRYPT '2002. 8

A Simpler Construction of CCA2-Secure Public-Key Encryption Under .. - Lindell (2002)   (18 citations)  (Correct)

.... presented in a breakthrough work by Cramer and Shoup [4] However, their construction relies on a specific complexity assumption (namely, the Decisional Diffie Hellman assumption) Recently, they presented other CCA2 secure schemes, relying on other assumptions (some of which are more standard) [5]. We stress that our work is incomparable to theirs. On the one hand, they achieve high efficiency while relying on specific complexity assumptions. On the other hand, we assume only the existence of trapdoor permutations, but obtain a scheme that is very inefficient due to the generic NIZK proof ....

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In EUROCRYPT 2002.

A Unified Methodology For Constructing Public-Key Encryption.. - Elkind, Sahai (2002)   (2 citations)  (Correct)

....schemes, as well. These two works, however, used seemingly very different techniques. Although a number of researchers have observed that a portion of the Cramer Shoup cryptosystem can be seen as a Simulation Sound NIZK proof system, the rest of the cryptosystem, which has been generalized in [5], does not fit into the two key paradigm. The two key paradigm and the proof of security given in [14] make critical use of the existence of two decryption keys, which allow for a reduction of the security of the overall scheme to the passive security of a component scheme. The proof of [14] ....

....indistinguishability arguments. Unfortunately, no practical instantiation of the two key scheme has ever been given, because of the difficulty of designing NIZK proofs of consistency of encryptions for two different public keys. The Cramer Shoup cryptosystem [3] and its generalizations [5], on the other hand, make use of only a single decryption key. Furthermore, their proof of security does not reduce attacks on the scheme to an attack on a simpler encryption scheme, but rather argues directly that a successful attack would contradict some underlying assumption, such as the ....

[Article contains additional citation context not shown here]

R. CRAMER AND V. SHOUP, Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. IACR Cryptology E-Print Archive, October 2001.

An efficient semantically secure elliptic curve.. - Galindo, Martin.. (2002)   (Correct)

....IND CCA for short, can be given in the random oracle model applying the technique introduced by Pointcheval in [24] It would be interesting to provide IND CCA security in the standard model to Catalano et al. scheme as well as to ours. To achieve this goal, the recent work of Cramer and Shoup [8] could provide useful ideas. Appendix: proof of Lemma 3 The following function is well de ned and bijective: x; y; m) e#P Om : e is well de ned. From the addition formula for an ane point and a point at in nity (at the very end of section 2) we deduce e (x; y; m) e#(x; ....

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertex Secure Public-Key Encryption. Paper accepted at EUROCRYPT '2002.

A Note on Bounded Chosen Ciphertext Security from.. - Cramer, Hofheinz, Kiltz (2006)   (1 citation)  Self-citation (Cramer)   (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Lars R. Knudsen, editor, Advances in Cryptology -- EUROCRYPT

Research Reports on - Mathematical And Computing   Self-citation (Cramer Shoup)   (Correct)

No context found.

Cramer, R., and Shoup, V. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In Advances in Cryptology -- EUROCRYPT

Design and Analysis of Practical Public-Key Encryption Schemes .. - Cramer, Shoup (2001)   (38 citations)  Self-citation (Cramer Shoup)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. Cryptology ePrint Archive, Report 2001/085, 2001. http://eprint.iacr.org.

Sequences of Games: A Tool for Taming Complexity in Security Proofs - Shoup (2004)   (15 citations)  Self-citation (Shoup)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. In Advances in Cryptology-- Eurocrypt 2002, pages 45--64, 2002. Full version at http://eprint.iacr.org/ 2001/085.

A Variant of the Cramer-Shoup Cryptosystem for Groups of Unknown.. - Lucks (2002)   (1 citation)  Self-citation (Cramer Shoup)   (Correct)

No context found.

R. Cramer V. Shoup: "Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption", preprint, 2nd version, December 12, 2001, http://eprint.iacr.org/2001/085/. (Extended abstract at Eurocrypt 2002.)

Practical Verifiable Encryption and Decryption of Discrete.. - Camenisch, Shoup (2003)   (17 citations)  Self-citation (Shoup)   (Correct)

No context found.

R. Cramer and V. Shoup, Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, Advances in Cryptology --- EUROCRYPT

Practical Verifiable Encryption and Decryption of Discrete.. - Camenisch, Shoup (2002)   (17 citations)  Self-citation (Shoup)   (Correct)

.... inecient cut and choose paradigm (e.g. 1, 10] However, it was known [11, 32] how to avoid the cut and choose paradigm if one was willing to accept a weaker form of security, namely semantic security [28] In this paper, we present a variant of the new public key encryption of Cramer and Shoup [22] based on Paillier s decision composite residuosity assumption [34] along with an ecient protocol for veri able encryption of discrete logarithms. This is the rst such veri able encryption system that provides chosen ciphertext security and avoids inecient cut and choose proofs. We note that ....

....rst check that abs(v) v and u . If this does not hold, then output reject and halt. Next, let t = 2 mod n, and compute m : e=u 2t . If m is of the form h for some m 2 [n] then output m; otherwise, output reject. This scheme di ers from the DCR based schemes presented in [22], because in our situation, special attention must be paid to the treatment of elements of order 2 in the Z 2 , as these can cause some trouble for the proof systems we discuss in the next sections. Because of these di erences, the above encryption scheme does not exactly t into the general ....

[Article contains additional citation context not shown here]

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. http://eprint.iacr.org/2001.

A Variant of the Cramer-Shoup Cryptosystem for Groups with Unknown .. - Lucks (2002)   Self-citation (Cramer Shoup)   (Correct)

.... such as the oracle Die Hellman assumption [1] The only cryptosystem known to be both practical and provably secure under standard assumptions mainly, the decisional Die Hellman assumption is the Cramer Shoup cryptosystem [3] Recently, the same authors proposed a of their cryptosystem [4]. As an alternative to the Die Hellman assumption, the generalisation s security can be based either on the Paillier s decision composite residiosity assumption or on the quite classical quadratic residiosity (QR) assumption. As pointed out in [4] the QR based variant of the generalisation is ....

....the same authors proposed a of their cryptosystem [4] As an alternative to the Die Hellman assumption, the generalisation s security can be based either on the Paillier s decision composite residiosity assumption or on the quite classical quadratic residiosity (QR) assumption. As pointed out in [4], the QR based variant of the generalisation is quite inecient in practice. In this paper, we propose another generalisation of the Cramer Shoup cryptosystem, which works in groups of unknown order. Set N = PQ, P = 2p 1, Q = 2q 1, p 6= q, and let P , Q, p and q be odd primes. We consider ....

[Article contains additional citation context not shown here]

R. Cramer V. Shoup, \universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption", preprint, 2nd version, December 12, 2001, IACR eprint server.

Design and Analysis of Practical Public-Key Encryption Schemes .. - Cramer, Shoup (2001)   (38 citations)  Self-citation (Cramer Shoup)   (Correct)

....1.3 Further progress Subsequent to the publication of the extended abstract [CS98] on which the present paper is based, some further progress in this area has been made. Canetti and Goldwasser [CG99] presented a threshold decryption variant of our scheme. Also, the authors of the present paper [CS01] have generalized and extended the basic ideas underlying our encryption scheme, obtaining new and quite practical encryption schemes that are secure against adaptive chosen ciphertext attack under di erent assumptions one scheme relies on Paillier s Decision Composite Residuosity assumption ....

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. Cryptology ePrint Archive, Report

Code-Based Game-Playing Proofs and the Security of Triple.. - Bellare, Rogaway (2006)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. Eurocrypt '02.

A Generic Construction of CCA-Secure Cryptosystems without .. - Goichiro Hanaoka And   (Correct)

No context found.

R. Cramer and V. Shoup, "Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption," Proc. of Eurocrypt'02, pp.45-64, 2002. 18

An efficient hybrid encryption in standard model - Lu (2006)   (Correct)

No context found.

R. Cramer and V. Shoup, "Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption", Adv. in Cryptology - Eurocrypt 2002.

Revisit of chosen ciphertext secure public key encryption in.. - Lu, He, Li (2006)   (Correct)

No context found.

R. Cramer and V. Shoup, "Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption", Adv. in Cryptology - Eurocrypt 2002.

Invisible Designated Confirmer Signatures without Random Oracles - Wei (2006)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In EUROCRYPT 2002, volume 2332 of LNCS, pages 45--64. Springer-Verlag, 2002.

Password-Authenticated Constant-Round - Group Key Establishment (2006)   (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In Lars Knudsen, editor, Advances in Cryptology -- EUROCRYPT 2002, volume 2332 of Lecture Notes in Computer Science, pages 45--64. Springer, 2002.

Improved Proxy Re-Encryption Schemes with.. - Ateniese, Fu.. (2005)   (3 citations)  (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Proceedings of Eurocrypt '02, volume 2332 of LNCS, pages 45--64, 2002.

Derandomization in Cryptography - Barak, Ong, Vadhan (2005)   (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Advances in Cryptology - EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, April 28 - May 2, 2002, Proceedings, pages 45--64, 2002.

Designated Confirmer Signatures Revisited - Wikström (2006)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. http://homepages.cwi.nl/ cramer/, June 1999. 44

Spreading Alerts Quietly - And The Subgroup (2005)   (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Lars R. Knudsen, editor, Proceedings of EUROCRYPT 2002, volume 2332 of Lecture Notes in Computer Science, pages 45--64. Springer-Verlag, 2002.

One-Wayness/KEM Equivalent to General Factoring - Kurosawa, Takagi (2005)   (Correct)

No context found.

R. Cramer and V. Shoup, "Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption," EUROCRYPT 2002.

Universally Composable Password-Based Key Exchange - Canetti, Halevi, Katz.. (2005)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. Advances in Cryptology -- Eurocrypt 2002.

Tag-KEM/DEM: A New Framework for Hybrid Encryption - Abe, Gennaro, Kurosawa (2005)   (1 citation)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In L. Knudsen, editor, Advances in Cryptology|EUROCRYPTO '02, volume 2332 of Lecture Notes in Computer Science, pages 45-64. Springer-Verlag, 2002.

New Semantically Secure Public-Key Cryptosystems from the.. - Sakurai, Takagi (2001)   (2 citations)  (Correct)

No context found.

R. Cramer and V. Shoup, \Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-Key encryption ," Cryptology ePrint Archive, IACR, http://eprint.iacr.org/, 2001.

Adaptively-Secure, Non-Interactive Public-Key Encryption - Canetti, Halevi, Katz (2004)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. Adv. in Cryptology --- Eurocrypt

A new security proof for Damgård's ElGamal - Gjøsteen (2005)   (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Lars R. Knudsen, editor, Proceedings of EUROCRYPT 2002.

The Game-Playing Technique - Bellare, Rogaway (2004)   (1 citation)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public key encryption. Eurocrypt '02.

Improved Efficiency for CCA-Secure Cryptosystems Built Using.. - Boneh, Katz (2004)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. Adv. in Cryptology --- Eurocrypt 2002.

On Protocol Security in the Cryptographic Model - Nielsen (2003)   (1 citation)  (Correct)

No context found.

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. Research Series RS01 -37, BRICS, Department of Computer Science, University of Aarhus, October 2001.

Single Database Private Information Retrieval with Logarithmic.. - Chang (2004)   (4 citations)  (Correct)

No context found.

R. Cramer and V. Shoup, "Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption," Eurocrypt 2002, pp. 45--64.

Public-Key Steganography - von Ahn, Hopper (2003)   (8 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure PublicKey Encryption. Advances in Cryptology: EUROCRYPT '02, Springer LNCS 2332, pages 45-64. 2002.

Chosen-Ciphertext Security from Identity-Based Encryption - Ran Canetti Shai (2003)   (30 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. Adv. in Cryptology --- Eurocrypt 2002.

Public-Key Steganography - von Ahn, Hopper (2003)   (8 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure PublicKey Encryption. Advances in Cryptology: EUROCRYPT '02, Springer LNCS 2332, pages 45-64. 2002.

Immunizing Encryption Schemes from Decryption Errors - Dwork, Naor, Reingold (2004)   (2 citations)  (Correct)

No context found.

R. Cramer and V. Shoup, Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure PublicKey Encryption, Advances in Cryptology -- EUROCRYPT

Some RSA-based Encryption Schemes with Tight Security Reduction - Kurosawa, Takagi (2003)   (2 citations)  (Correct)

No context found.

R. Cramer and V. Shoup, "Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption," EUROCRYPT 2002, LNCS 2332, pp.45-64, 2002.

Alternatives to Non-Malleability: Definitions.. - MacKenzie, Reiter, Yang (2004)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Advances in Cryptology---EUROCRYPT 2002.

Alternatives to Non-malleability: Definitions.. - MacKenzie, Reiter, Yang (2004)   (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Advances in Cryptology--- EUROCRYPT 2002 (Lecture Notes in Computer Science 2332), pp. 45--64, 2002.

Why Provable Security Matters? - Stern   (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public Key Encryption. In Eurocrypt'2002, Lecture Notes in Computer Science 2332, 45-64.

Efficient and Non-Malleable Proofs of Plaintext Knowledge and.. - Katz (2002)   (2 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen-Ciphertext-Secure Public-Key Encryption. Advances in Cryptology --- Eurocrypt 2002, LNCS vol. 2332, L. Knudsen, ed., Springer-Verlag, 2002, pp. 45--64.

Rerandomizable and Replayable Adaptive Chosen Ciphertext Attack.. - Groth (2004)   (Correct)

No context found.

Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: proceedings of EUROCRYPT '02, LNCS series, volume 2332. (2002) 45-64

Chosen-Ciphertext Security from Identity-Based Encryption - Canetti, Halevi, Katz (2004)   (30 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. Adv. in Cryptology --- Eurocrypt 2002, LNCS vol. 2332, Springer-Verlag, pp. 45--64, 2002.

Identity-Based Signcryption - Malone-Lee (2002)   (2 citations)  (Correct)

No context found.

R. Cramer and V. Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Advances in Cryptology - EUROCRYPT 2002, volume 2332 of Lecture Notes in Computer Science, pages 45--64. Springer-Verlag, 2002.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC