Bounded CCA2-Secure Encryption

10 years 3 months ago
Bounded CCA2-Secure Encryption
Abstract. Whereas encryption schemes withstanding passive chosenplaintext attacks (CPA) can be constructed based on a variety of computational assumptions, only a few assumptions are known to imply the existence of encryption schemes withstanding adaptive chosen-ciphertext attacks (CCA2). Towards addressing this asymmetry, we consider a weakening of the CCA2 model — bounded CCA2-security — wherein security needs only hold against adversaries that make an a-priori bounded number of queries to the decryption oracle. Regarding this notion we show (without any further assumptions): – For any polynomial q, a simple black-box construction of q-bounded IND-CCA2-secure encryption schemes, from any IND-CPA-secure encryption scheme. When instantiated with the Decisional DiffieHellman (DDH) assumption, this construction additionally yields encryption schemes with very short ciphertexts. – For any polynomial q, a (non-black box) construction of q-bounded NM-CCA2-secure encryption schemes, ...
Ronald Cramer, Goichiro Hanaoka, Dennis Hofheinz,
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Authors Ronald Cramer, Goichiro Hanaoka, Dennis Hofheinz, Hideki Imai, Eike Kiltz, Rafael Pass, Abhi Shelat, Vinod Vaikuntanathan
Comments (0)