Abstract
We study plaintext awareness for hybrid encryption. Based on a binary relation R, we define a new notion of PA2 (R-PA2 for short) and a notion of IND-CCA2 (R-IND-CCA2 for short) for key encapsulation mechanisms (KEMs). We define a relation R_DEM from the description of the data encryption mechanism (DEM). We prove two composition results, which hold with or without (public) random oracles.
a. When a KEM with R_DEM-PA2 and R_DEM-IND-CCA2 security is composed with a one-time pseudorandom and unforgeable (OT-PUE) DEM, the resulting hybrid encryption is PA2 secure. OT-PUE is a weak notion, not even necessarily passively secure, and can be realized by a one-time pad encryption followed by a pseudorandom function.
b. If the KEM is R_DEM-IND-CCA and the DEM is passively secure and unforgeable, the hybrid encryption (KEM, DEM) is IND-CCA2 secure.
As an application, we show that DHIES, a public key encryption scheme by Abdalla et al. [1] that is now in IEEE P1363a and ANSI X9.63, is PA2 secure. As another application, we prove that hybrid encryption based on a hash proof system is PA2. In particular, this implies that the concrete Kurosawa-Desmedt hybrid encryption (CRYPTO 2004) is PA2.
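The OT-PUE realization named in item a (a one-time pad followed by a pseudorandom function), written out as an added example that is not code from the paper. Assumptions: HMAC-SHA256 stands in for the PRF, the PRF is applied to the pad output to form a tag (one reading of "followed by"), and the key layout and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

PRF_KEY_LEN = 32  # assumed PRF key size; HMAC-SHA256 stands in for the PRF
TAG_LEN = 32      # HMAC-SHA256 output length


def dem_keygen(msg_len: int) -> bytes:
    """One-time DEM key: msg_len pad bytes followed by the PRF key.
    In a hybrid scheme this key would come out of the KEM; never reuse it."""
    return secrets.token_bytes(msg_len + PRF_KEY_LEN)


def dem_encrypt(key: bytes, msg: bytes) -> bytes:
    """c = (msg XOR pad) || PRF_k(msg XOR pad)."""
    if len(key) != len(msg) + PRF_KEY_LEN:
        raise ValueError("key must be len(msg) pad bytes plus the PRF key")
    pad, prf_key = key[:len(msg)], key[len(msg):]
    body = bytes(m ^ p for m, p in zip(msg, pad))
    tag = hmac.new(prf_key, body, hashlib.sha256).digest()
    return body + tag


def dem_decrypt(key: bytes, ct: bytes):
    """Return the plaintext, or None if the ciphertext is rejected.
    Rejecting every ciphertext that was not produced under this key is
    the unforgeability half of the notion."""
    msg_len = len(key) - PRF_KEY_LEN
    if msg_len < 0 or len(ct) != msg_len + TAG_LEN:
        return None
    body, tag = ct[:msg_len], ct[msg_len:]
    pad, prf_key = key[:msg_len], key[msg_len:]
    expected = hmac.new(prf_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return bytes(c ^ p for c, p in zip(body, pad))


if __name__ == "__main__":
    msg = b"constructed sample message"
    key = dem_keygen(len(msg))
    ct = dem_encrypt(key, msg)
    flipped = bytes([ct[0] ^ 1]) + ct[1:]
    print("round trip ok:", dem_decrypt(key, ct) == msg)
    print("tampered rejected:", dem_decrypt(key, flipped) is None)
```
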
References
Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)
Abe, M., Kiltz, E., Okamoto, T.: Compact CCA-Secure Encryption for Messages of Arbitrary Length. In: Public Key Cryptography 2009. LNCS, vol. 5443, pp. 377–392. Springer, Heidelberg (2009)
Abe, M., Kiltz, E., Okamoto, T.: Chosen Ciphertext Security with Optimal Ciphertext Overhead. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 355–371. Springer, Heidelberg (2008)
Abe, M., Gennaro, R., Kurosawa, K.: Tag-KEM/DEM: A New Framework for Hybrid Encryption. J. Cryptology 21(1), 97–130 (2008)
American National Standards Institute (ANSI) X9.F1 subcommittee, ANSI X9.63 Public key cryptography for the Financial Services Industry: Elliptic curve key agreement and key transport schemes, Working draft, January 8 (1999)
Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)
Bellare, M., Palacio, A.: Towards Plaintext-Aware Public-key Encryption without Random Oracles. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 48–62. Springer, Heidelberg (2004)
Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: Proceedings of the 1st ACM Symposium on Computer and Communication Security, CCS 1993, pp. 62–73 (1993)
Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)
Bellare, M., Rogaway, P.: Minimizing the use of random oracles in authenticated encryption schemes. In: Han, Y., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 1–16. Springer, Heidelberg (1997)
Blum, M., Feldman, P., Micali, S.: Non-interactive zero knowledge and its applications. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, STOC 1988, pp. 103–112 (1988)
Blum, M., Feldman, P., Micali, S.: Proving security against chosen ciphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256–268. Springer, Heidelberg (1990)
Certicom Research, Standards for Efficient Cryptography Group (SECG) - SEC 1: Elliptic Curve Cryptography. Version 1.0, September 20 (2000)
Choi, S., Herranz, J., Hofheinz, D., Hwang, J.Y., Kiltz, E., Lee, D.H., Yung, M.: The Kurosawa-Desmedt Key Encapsulation is not Chosen-Ciphertext Secure. Information Processing Letters 109(16), 897–901 (2009)
Cramer, R., Shoup, V.: Design and Analysis of Practical Public-Key Encryption Schemes Secure Against Adaptive Chosen Ciphertext Attack. SIAM Journal on Computing 33, 167–226 (2003)
Desai, A.: New Paradigms for Constructing Symmetric Encryption Schemes Secure against Chosen-Ciphertext Attack. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 394–412. Springer, Heidelberg (2000)
Dent, A.: The Cramer-Shoup Encryption Scheme is Plaintext Aware in the Standard Model. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 289–307. Springer, Heidelberg (2006)
Di Raimondo, M., Gennaro, R., Krawczyk, H.: Deniable Authentication and Key Exchange. In: Proceedings of the 13th ACM Computer and Communication Security, CCS 2006, pp. 400–409 (2006)
IEEE P1363a Committee, IEEE P1363a, Version D6, November 9, 2000. Standard specifications for public-key cryptography
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
Herzog, J., Liskov, M., Micali, S.: Plaintext Awareness via Key Registration. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 548–564. Springer, Heidelberg (2003)
Hofheinz, D., Kiltz, E.: Secure Hybrid Encryption from Weakened Key Encapsulation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (2007)
Hofheinz, D., Kiltz, E.: Practical Chosen Ciphertext Secure Encryption from Factoring. In: EUROCRYPT 2009. LNCS, vol. 5479, pp. 313–332. Springer, Heidelberg (2009)
Jiang, S., Wang, H.: Plaintext-Awareness of Hybrid Encryption. Full version of this work, http://sites.google.com/site/shaoquan0825
Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)
Kurosawa, K., Matsuo, T.: How to Remove MAC from DHIES. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 236–247. Springer, Heidelberg (2004)
Möller, B.: A Public-Key Encryption Scheme with Pseudo-random Ciphertexts. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 335–351. Springer, Heidelberg (2004)
Pass, R.: On the deniability in the common reference string and random oracle model. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 316–337. Springer, Heidelberg (2003)
Phan, D.H., Pointcheval, D.: About the Security of Ciphers (Semantic Security and Pseudo-Random Permutations). In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 182–197. Springer, Heidelberg (2004)
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jiang, S., Wang, H. (2010). Plaintext-Awareness of Hybrid Encryption. In: Pieprzyk, J. (eds) Topics in Cryptology - CT-RSA 2010. CT-RSA 2010. Lecture Notes in Computer Science, vol 5985. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11925-5_5
DOI: https://doi.org/10.1007/978-3-642-11925-5_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11924-8
Online ISBN: 978-3-642-11925-5
eBook Packages: Computer Science, Computer Science (R0)