Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
New Paradigms for Constructing Symmetric Encryption Schemes Secure against Chosen-Ciphertext Attack
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Deniable authentication and key exchange
Proceedings of the 13th ACM conference on Computer and communications security
Public-key encryption in a multi-user setting: security proofs and improvements
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Chosen-ciphertext secure key-encapsulation based on gap hashed Diffie-Hellman
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Relationship between standard model plaintext awareness and message hiding
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
The cramer-shoup encryption scheme is plaintext aware in the standard model
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
The notion of encryption simulatability was proposed by Dent to help proving plaintext awareness, and it was claimed that a hybrid encryption scheme composed of a simulatable KEM and a simulatable DEM is simulatable. Here we prove the simulatability of IND-CCA2 secure probabilistic symmetric encryption scheme with every string in its ciphertext space being a valid ciphertext. Moreover, for such a DEM and a simulatable KEM with sparse valid ciphertext space, we show that the resulting hybrid encryption scheme is not simulatable. However, if both the KEM and DEM have sparse valid ciphertext space, or every string in the ciphertext space of the hybrid encryption scheme is a valid ciphertext, then the hybrid encryption scheme is simulatable. Thus the proof for the plaintext awareness of the Cramer-Shoup hybrid encryption scheme provided by Dent is still valid.