A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On the Unpredictability of Bits of the Elliptic Curve Diffie--Hellman Scheme
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
The twin Diffie-Hellman problem and applications
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Efficient chosen-ciphertext security via extractable hash proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Simple and efficient public-key encryption from computational diffie-hellman in the standard model
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
| Hi-index | 0.00 |
IND-CCA secure public key encryption schemes based on the CDH assumption in the standard model use a hardcore function as a key derivation function for a shared key. Therefore, many secret and public key size are necessary for sending a sufficiently long shared key. Yamada et al. [17,16] and Haralambiev et al. [12] proposed efficient public key encryption schemes based on the CDH assumption. Moreover, they proposed a method that drastically reduces the secret and the public key sizes by using a bilinear map, and they also proposed IND-CCA secure public key encryption based on the bilinear DH assumption. Unfortunately, many secret and public key sizes are still necessary in general cyclic groups that lack known efficient bilinear map. In this paper, we propose a compact public key scheme based on the CDH assumption in the standard model. The public and secret key sizes are trivially reduced by sending several block of the ciphertext. By using batch verification, our scheme succeeded in reducing the ciphertext size compared with that in the case of the trivially extended scheme. To prove IND-CCA security of our scheme, we define a new computational assumption, namely, the extended hashed strong twin Diffie-Hellman assumption. Moreover, we construct an extended trapdoor test to simulate a decisional oracle, and prove that if the CDH assumption holds and the hash function is the hardcore function for DH key, then the extended hashed strong twin DH assumption also holds. Our reducing technique is also applicable to other schemes [17,16,15] based on the CDH assumption.