Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
On the Power of Misbehaving Adversaries and Security Analysis of the Original EPOC
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
An efficient public key cryptosystem with a privacy enhanced double decryption mechanism
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Additively homomorphic encryption with a double decryption mechanism, revisited
ISC'12 Proceedings of the 15th international conference on Information Security
Hi-index | 0.89 |
In public key encryption schemes with a double decryption mechanism (DD-PKE), decryption can be done in either of two ways: by the user owning the secret/public key pair corresponding to the ciphertext, or by a trusted party holding a sort of master secret-key. In this note we argue that the classical security notion for standard public key encryption schemes does not suffice for DD-PKE schemes, and propose a new natural definition. Additionally, we illustrate the usefulness of the new security definition by showing that a DD-PKE scheme presented in the workshop Selected Areas in Cryptography 2005 is insecure under this augmented security notion.