Y. Zheng. Improved public key cryptosystems secure against chosen ciphertext attacks. Technical Report tr-94-1, 1994.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....channels. 2.4 Using Authentication To use the Talking Securely authentication process, a user must select one of the authentication options (see section 2.3) The algorithms used in the authentication process are shown in figure 2. 4 These algorithms for authentication can be found in [Zhe94] The general process of authentication involves message comparison. In the Talking Securely system, the basic message contains a 64 bit classical key (to be used if the security process has been selected) and some handshaking information. The basic message along with a combination of our private ....

Y. Zheng. Improved public key cryptosystems secure against chosen ciphertext attacks, February 1994.

No context found.

Y. Zheng, Improved public key cryptosystems secure against chosen ciphertext attacks, Technical Report 94-1, University of Wollongong, 1994. 11

.... to be sent to Bob is defined as ( c = E k 1 (m) u = g x mod p, r = KH k 2 (m) where (1) x is chosen uniformly at random from [1; q 0 1] and (2) k 1 ; k 2 ) k = hash(y x b mod p) It turns out C kh is a slightly modified version of a scheme that has received special attention in [29, 3]. See also earlier work [33] Using a similar argument as that in [29, 3] we can show in the following that for C kh , it is computationally infeasible for an adaptive attacker to gain any partial information on m. 5.3 Non repudiation As discussed in Section 4, signcryption requires a ....

.... 2 (m) where (1) x is chosen uniformly at random from [1; q 0 1] and (2) k 1 ; k 2 ) k = hash(y x b mod p) It turns out C kh is a slightly modified version of a scheme that has received special attention in [29, 3] See also earlier work [33] Using a similar argument as that in [29, 3], we can show in the following that for C kh , it is computationally infeasible for an adaptive attacker to gain any partial information on m. 5.3 Non repudiation As discussed in Section 4, signcryption requires a repudiation settlement procedure different from the one for a digital signature ....

Zheng, Y.: Improved public key cryptosystems secure against chosen ciphertext attacks. Technical Report 94-1 University of Wollongong Australia January 1994.

....scheme (say SCS1) With the encryption scheme C kh , the ciphertext of a message m is defined as ( u = g x mod p, c = E k1 (m) r = KH k2 (m) where k 1 and k 2 are defined in the same way as in SCS1. C kh is a slightly modified version of a scheme that has received special attention in [23, 3] (see also earlier work [25] Now assume that there is an attacker for SCS1. Call this attacker ASCS1 . We show how A SCS1 can be translated into one for C kh , called ACkh . Note that for a message m, the input to ASCS1 includes q, p, g, y a = g xa mod p, y b = g x b mod p, u = g x mod p, ....

Zheng, Y.:. Improved public key cryptosystems secure against chosen ciphertext attacks. Technical Report 94-1 University of Wollongong Australia January 1994.

No context found.

Y. Zheng. Improved public key cryptosystems secure against chosen ciphertext attacks. Technical Report tr-94-1, 1994.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC