Owing to its efficiency, ElGamal encryption is one of the most used schemes in cryptographic applications. However, the original ElGamal scheme is only provably secure against passive attacks. Damgård proposed a slight modification of the ElGamal encryption scheme (named Damgård's ElGamal scheme) that provides security against non-adaptive chosen ciphertext attacks under a knowledge-of-exponent assumption. Recently, the CCA1-security of Damgård's ElGamal scheme has been proven under more standard assumptions. In this paper, we study the open problem of the CCA2-security of Damgård's ElGamal. By employing a data encapsulation mechanism, we prove that the resulting hybrid Damgård's ElGamal encryption is secure against adaptive chosen ciphertext attacks. The downside is that the proof of security is based on a knowledge-of-exponent assumption. In terms of efficiency, this scheme is more efficient (e.g. one exponentiation less in encryption) than the Kurosawa-Desmedt scheme, the most efficient scheme in the standard model so far.