Sciweavers

ACNS
2004
Springer

On the Security of Cryptosystems with All-or-Nothing Transform

13 years 8 months ago
On the Security of Cryptosystems with All-or-Nothing Transform
We study the data privacy of cryptosystems with All-or-Nothing transform (AONT). An AONT is an efficient computable transform with two properties: Given all the bits of its output, it is easy to retrieve the message. On the other hand, if sufficiently many bits of the output are missing, it is computationally infeasible for an polynomial-time adversary to learn any information about the message. However, in this paper we show that the definition of AONT and construction of “secure” cryptosystems from AONTs need more careful consideration. Our results are three-fold: First we answer an open problem raised in [6], showing that previous definitions are not sufficient to guarantee a provably secure cryptosystem with strong security, namely, indistinguishability against chosen ciphertext attack (IND-CCA). Second, we give a new definition to AONT and prove this definition is sufficient to be integrated with any trapdoor function to acquire IND-CCA secure cryptosystems. Third, we giv...
Rui Zhang 0002, Goichiro Hanaoka, Hideki Imai
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where ACNS
Authors Rui Zhang 0002, Goichiro Hanaoka, Hideki Imai
Comments (0)