Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
GEM: A Generic Chosen-Ciphertext Secure Encryption Method
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
RSA-OAEP Is Secure under the RSA Assumption
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure Integration of Asymmetric and Symmetric Encryption Schemes
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
How to Enhance the Security of Public-Key Encryption at Minimum Cost
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Chosen-Ciphertext Security for Any One-Way Cryptosystem
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Simplified OAEP for the RSA and Rabin Functions
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient public key encryption with smallest ciphertext expansion from factoring
Designs, Codes and Cryptography
Chosen Ciphertext Security with Optimal Ciphertext Overhead
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Identity based encryption without redundancy
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
PA in the two-key setting and a generic conversion for encryption with anonymity
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
| Hi-index | 0.00 |
In this paper, we present a generic asymmetric encryption conversion ROC, namely Redundancy Optimal Conversion, which has the optimal message redundancy for one-way trapdoor function in the random oracle model. To our best knowledge, it is the first generic conversion to achieve such an optimal redundancy result for both one-way trapdoor permutation and not length-preserving function. To obtain IND-CCA security, the conversion only needs the weaker requirement of the one-wayness, than the partial-domain one-wayness, which succeeds to greatly extend the application area of the generic conversion. Further, plaintext awareness property of the encryption is not required any more, which also contributes to reduce the message redundancy and hence removes the re-encryption step of the decryption process, considerably reducing the computational burden. Finally, it has simple construction of two cryptographic hash functions and two bitwise XORs, as same as the widely used OAEP conversion, but more generally useful.