New Paradigms for Constructing Symmetric Encryption Schemes Secure against Chosen-Ciphertext Attack
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Deniable authentication and key exchange
Proceedings of the 13th ACM conference on Computer and communications security
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Cramer-Shoup Satisfies a Stronger Plaintext Awareness under a Weaker Assumption
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
A CCA Secure Hybrid Damgård's ElGamal Encryption
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Relations among notions of plaintext awareness
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Relationship between standard model plaintext awareness and message hiding
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
About the security of ciphers (semantic security and pseudo-random permutations)
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
The cramer-shoup encryption scheme is plaintext aware in the standard model
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Plaintext-Awareness of hybrid encryption
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Hi-index | 0.00 |
We give several examples to show that PA1 and IND-CCA2 together do not guarantee PA2 in the absence of random oracles, for both statistical and computational PA. In the statistical case, we use the Desmedt-Phan hybrid encryption scheme as the first example. If the DEM of the Desmedt-Phan hybrid encryption is an IND-CCA2 symmetric encryption without MAC, then the Desmedt-Phan hybrid is IND-CCA2 and statistical PA1 but not statistical PA2. Extend the result to the Cramer-Shoup hybrid encryption scheme, we find that even statistical PA1+ and IND-CCA2 together could not reach statistical PA2. In the computational case, we give an artificial example to show that neither statistical nor computational PA1 together with IND-CCA2 could guarantee computational PA2.