Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Signature schemes based on the strong RSA assumption
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Pseudorandomness and Cryptographic Applications
Pseudorandomness and Cryptographic Applications
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Algorithms
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
LFSR-based Hashing and Authentication
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Collision-Resistant Hashing: Towards Making UOWHFs Practical
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
On the Security of ElGamal Based Encryption
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Number-theoretic constructions of efficient pseudo-random functions
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
An Efficient Off-line Electronic Cash System Based On The Representation Problem.
An Efficient Off-line Electronic Cash System Based On The Representation Problem.
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
Publicly verifiable secret sharing
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
A composition theorem for universal one-way hash functions
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Securely combining public-key cryptosystems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
The Analysis of Zheng-Seberry Scheme
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Security of Signed ElGamal Encryption
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Variant of the Cramer-Shoup Cryptosystem for Groups of Unknown Order
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Williams Based Public Key Encryption Scheme
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Tree-based group key agreement
ACM Transactions on Information and System Security (TISSEC)
Group Key Agreement Efficient in Communication
IEEE Transactions on Computers
New approaches for deniable authentication
Proceedings of the 12th ACM conference on Computer and communications security
Direct chosen ciphertext security from identity-based techniques
Proceedings of the 12th ACM conference on Computer and communications security
Secure attribute-based systems
Proceedings of the 13th ACM conference on Computer and communications security
Cryptanalysis of e-mail protocols providing perfect forward secrecy
Computer Standards & Interfaces
Provably Secure Timed-Release Public Key Encryption
ACM Transactions on Information and System Security (TISSEC)
A tapestry of identity-based encryption: practical frameworks compared
International Journal of Applied Cryptography
Stateful identity-based encryption scheme: faster encryption and decryption
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Cramer-Shoup Satisfies a Stronger Plaintext Awareness under a Weaker Assumption
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
New Anonymity Notions for Identity-Based Encryption
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
A CCA Secure Hybrid Damgård's ElGamal Encryption
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Chosen Ciphertext Secure Public Key Encryption with a Simple Structure
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Hybrid Damgård Is CCA1-Secure under the DDH Assumption
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A New Randomness Extraction Paradigm for Hybrid Encryption
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Folklore, practice and theory of robust combiners
Journal of Computer Security
New Anonymity Notions for Identity-Based Encryption
Formal to Practical Security
The Kurosawa--Desmedt key encapsulation is not chosen-ciphertext secure
Information Processing Letters
Characterizing Padding Rules of MD Hash Functions Preserving Collision Security
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
One-wayness equivalent to general factoring
IEEE Transactions on Information Theory
Parallel key-insulated public key encryption without random oracles
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Generic certificateless key encapsulation mechanism
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Secure hybrid encryption from weakened key encapsulation
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Secure attribute-based systems
Journal of Computer Security
Some (in)sufficient conditions for secure hybrid encryption
Information and Computation
Efficient chosen-ciphertext security via extractable hash proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
A generic method for reducing ciphertext length of reproducible KEMs in the RO model
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
ProvSec'10 Proceedings of the 4th international conference on Provable security
Certificateless public key encryption: A new generic construction and two pairing-free schemes
Theoretical Computer Science
Journal of Computer Science and Technology
Chosen ciphertext secure encryption under factoring assumption revisited
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Identification schemes from key encapsulation mechanisms
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
ISC'11 Proceedings of the 14th international conference on Information security
Relationship between standard model plaintext awareness and message hiding
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Hardness of distinguishing the MSB or LSB of secret keys in diffie-hellman schemes
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Hybrid signcryption schemes with insider security
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Improved efficiency for CCA-secure cryptosystems built using identity-based encryption
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
On tolerant cryptographic constructions
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
On robust combiners for oblivious transfer and other primitives
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Tag-KEM/DEM: a new framework for hybrid encryption and a new analysis of kurosawa-desmedt KEM
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Hybrid signcryption schemes with outsider security
ISC'05 Proceedings of the 8th international conference on Information Security
Collision-Resistant no more: hash-and-sign paradigm revisited
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Public key encryption without random oracle made truly practical
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Efficient CCA-Secure PKE from identity-based techniques
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Constructing secure hybrid encryption from key encapsulation mechanism with authenticity
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Public key encryption without random oracle made truly practical
Computers and Electrical Engineering
Non-malleable instance-dependent commitment in the standard model
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
An improved discrete logarithm-based multisignature scheme
Security and Communication Networks
Revisiting the security model for timed-release encryption with pre-open capability
ISC'07 Proceedings of the 10th international conference on Information Security
Decentralized dynamic broadcast encryption
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Hi-index | 0.06 |
The cryptosystem recently proposed by Cramer and Shoup [CS98] is a practical public key cryptosystem that is secure against adaptive chosen ciphertext attack provided the Decisional Diffie-Hellman assumption is true. Although this is a reasonable intractability assumption, it would be preferable to base a security proof on a weaker assumption, such as the Computational Diffie-Hellman assumption. Indeed, this cryptosystem in its most basic form is in fact insecure if the Decisional Diffie-Hellman assumption is false. In this paper we present a practical hybrid scheme that is just as efficient as the scheme of of Cramer and Shoup; indeed, the scheme is slightly more efficient than the one originally presented by Cramer and Shoup; we prove that the scheme is secure if the Decisional Diffie-Hellman assumption is true; we give strong evidence that the scheme is secure if the weaker, Computational Diffie-Hellman assumption is true by providing a proof of security in the random oracle model.