Efficient chosen-ciphertext security via extractable hash proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
ProvSec'10 Proceedings of the 4th international conference on Provable security
Chosen-Ciphertext Security via Correlated Products
SIAM Journal on Computing
Parallel decryption queries in bounded chosen ciphertext attacks
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
ISC'11 Proceedings of the 14th international conference on Information security
Chosen-Ciphertext security from slightly lossy trapdoor functions
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Adaptive trapdoor functions and chosen-ciphertext security
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Detecting dangerous queries: a new approach for chosen ciphertext security
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Reaction attack on outsourced computing with fully homomorphic encryption schemes
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Blackbox construction of a more than non-malleable CCA1 encryption scheme from plaintext awareness
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Randomness-Dependent message security
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
International Journal of Grid and Utility Computing
Black-box construction of a more than non-malleable CCA1 encryption scheme from plaintext awareness
Journal of Computer Security - Advances in Security for Communication Networks
| Hi-index | 0.00 |
Under CPA and CCA1 attacks, a secure bit encryption scheme can be applied bit-by-bit to construct a secure many-bit encryption scheme. The same construction fails, however, under a CCA2 attack. In fact, since the notion of CCA2 security was introduced by Rackoff and Simon~\cite{RackoffSi92}, it has been an open question to determine whether single bit CCA2 secure encryption implies the existence of many-bit CCA2 security. We positively resolve this long-standing question and establish that bit encryption is complete for CPA, CCA1, and CCA2 notions. Our construction is black-box, and thus requires novel techniques to avoid known impossibility results concerning trapdoor predicates~\cite{GMR}. To the best of our knowledge, our work is also the first example of a non-shielding reduction (introduced in~\cite{GMM07}) in the standard (i.e., not random-oracle) model.