Sciweavers

TCC
2004
Springer

Rerandomizable and Replayable Adaptive Chosen Ciphertext Attack Secure Cryptosystems

13 years 7 months ago
Rerandomizable and Replayable Adaptive Chosen Ciphertext Attack Secure Cryptosystems
Recently Canetti, Krawczyk and Nielsen defined the notion of replayable adaptive chosen ciphertext attack (RCCA) secure encryption. Essentially a cryptosystem that is RCCA secure has full CCA2 security except for the little detail that it may be possible to modify a ciphertext into another ciphertext containing the same plaintext. We investigate the possibility of perfectly replayable RCCA secure encryption. By this, we mean that anybody can convert a ciphertext y with plaintext m into a different ciphertext y that is distributed identically to a fresh encryption of m. We propose such a rerandomizable cryptosystem, which is secure against semi-generic adversaries. We also define a weak form of RCCA (WRCCA) security. For this notion we provide a construction (inspired by Cramer and Shoup’s CCA2 secure cryptosystems) that is both rerandomizable and provably WRCCA secure. We use it as a building block in our conjectured RCCA secure cryptosystem.
Jens Groth
Added 02 Jul 2010
Updated 02 Jul 2010
Type Conference
Year 2004
Where TCC
Authors Jens Groth
Comments (0)