On modeling IND-CCA security in cryptographic protocols. Cryptology ePrint Archive, Report 2003/024 (2003) [7 citations — 2 self]
by Dennis Hofheinz, Rainer Steinw
http://eprint.iacr.org/2003/024.ps.gz
Add To MetaCart
Abstract:
Abstract. Two common notions of security for public key encryption schemes are shown to be equivalent: we prove that indistinguishability against chosen-ciphertext attacks (IND-CCA) is in fact polynomially equivalent to (yet \slightly " weaker than) securely realizing the ideal functionality FPKE in the general modeling of cryptographic protocols of [Can01a]. This disproves in particular the claim that security in the sense of IND-CCA strictly implies security in the sense of realizing FPKE (see [Can01a]). Moreover, we give concrete reductions among such security notions and show that these relations hold for both uniform and non-uniform adversarial entities.
Citations
| 845 | Probabilistic Encryption – Goldwasser, Micali - 1984 |
| 354 | Relations among notions of security for public-key encryption schemes – Bellare, Desai, et al. - 1462 |
| 306 | Universally composable security: A new paradigm for cryptographic protocols – Canetti - 2001 |
| 245 | Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack – Rackoff, Simon - 1992 |
| 237 | P.: A Concrete Security Treatment of Symmetric Encryption – Bellare, Desai, et al. - 1997 |
| 105 | A model for asynchronous reactive systems and its application to secure message transmission – Pfitzmann, Waidner - 2001 |
| 1 | Email communication with the authors – Canetti - 2002 |
| 1 | Relaxing chosen ciphertext security, February 2003. Unpublished manuscript – Canetti, Krawczyk, et al. |
