Tag-KEM/DEM: a new framework for hybrid encryption and a new analysis of kurosawa-desmedt KEM

Authors:
Masayuki Abe;Rosario Gennaro;Kaoru Kurosawa;Victor Shoup
Affiliations:
NTT Information Sharing Platform Laboratories, NTT Corporation, Japan;IBM T.J.Watson Research Center;Ibaraki University, Japan;New York University
Venue:
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Year:
2005

Citing 17
Cited 50

Public-key cryptosystems provably secure against chosen ciphertext attacks

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Non-malleable cryptography

STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform

CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
OAEP Reconsidered

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure Integration of Asymmetric and Symmetric Encryption Schemes

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Robust Distributed Multiplicaton with out Interaction

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack

SIAM Journal on Computing
An efficient threshold public key cryptosystem secure against adaptive chosen ciphertext attack

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Using hash functions as a hedge against chosen ciphertext attack

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Concealment and its applications to authenticated encryption

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Design, implementation, and deployment of the iKP secure electronic payment system

IEEE Journal on Selected Areas in Communications

Direct chosen ciphertext security from identity-based techniques

Proceedings of the 12th ACM conference on Computer and communications security
Stateful public-key cryptosystems: how to encrypt with one 160-bit exponentiation

Proceedings of the 13th ACM conference on Computer and communications security
On the Security of Tag-KEM for Signcryption

Electronic Notes in Theoretical Computer Science (ENTCS)
Cryptanalysis of e-mail protocols providing perfect forward secrecy

Computer Standards & Interfaces
Efficient One-Round Key Exchange in the Standard Model

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Generalized Non-Interactive Oblivious Transfer Using Count-Limited Objects with Applications to Secure Mobile Agents

Financial Cryptography and Data Security
Constructing Strong KEM from Weak KEM (or How to Revive the KEM/DEM Framework)

SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption

ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
One-round key exchange in the standard model

International Journal of Applied Cryptography
Compact CCA-Secure Encryption for Messages of Arbitrary Length

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
A Practical Key Recovery Attack on Basic TCHo

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
An Efficient Encapsulation Scheme from Near Collision Resistant Pseudorandom Generators and Its Application to IBE-to-PKE Transformations

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
The Kurosawa--Desmedt key encapsulation is not chosen-ciphertext secure

Information Processing Letters
On the Impossibility of Strong Encryption Over $\aleph_0$

IWCC '09 Proceedings of the 2nd International Workshop on Coding and Cryptology
Security on Hybrid Encryption with the Tag-KEM/DEM Framework

ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Efficient Constructions of Signcryption Schemes and Signcryption Composability

INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
A New Rabin-type Trapdoor Permutation Equivalent to Factoring

Electronic Notes in Theoretical Computer Science (ENTCS)
TCHo: a hardware-oriented trapdoor cipher

ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Generic certificateless key encapsulation mechanism

ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Construction of threshold (hybrid) encryption in the random oracle model: how to construct secure threshold tag-KEM from weakly secure threshold KEM

ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Security-preserving asymmetric protocol encapsulation

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Secure hybrid encryption from weakened key encapsulation

CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Construction of a hybrid HIBE protocol secure against adaptive attacks: without random oracle

ProvSec'07 Proceedings of the 1st international conference on Provable security
Decryptable searchable encryption

ProvSec'07 Proceedings of the 1st international conference on Provable security
Authenticated key exchange and key encapsulation in the standard model

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Efficient KEMs with partial message recovery

Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Generic constructions of stateful public key encryption and their applications

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
CCA2 secure IBE: standard model efficiency through authenticated symmetric encryption

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Some (in)sufficient conditions for secure hybrid encryption

Information and Computation
Efficient chosen-ciphertext security via extractable hash proofs

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Toward an easy-to-understand structure for achieving chosen ciphertext security from the decisional Diffie-Hellman assumption

ProvSec'10 Proceedings of the 4th international conference on Provable security
Generic certificateless encryption secure against malicious-hut-passive KGC attacks in the standard model

Journal of Computer Science and Technology
Generic construction of hybrid public key traitor tracing with full-public-traceability

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Improvements on security proofs of some identity based encryption schemes

CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Adaptive trapdoor functions and chosen-ciphertext security

EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Building better signcryption schemes with Tag-KEMs

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Tag-KEM from set partial domain one-way permutations

ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
RFID privacy based on public-key cryptography

ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Probabilistic public key encryption with equality test

CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Efficient CCA-Secure PKE from identity-based techniques

CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Chosen-Ciphertext security from tag-based encryption

TCC'06 Proceedings of the Third conference on Theory of Cryptography
Public key encryption for the forgetful

Cryptography and Security
Constructing secure hybrid encryption from key encapsulation mechanism with authenticity

IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Anonymous broadcast encryption: adaptive security and efficient constructions in the standard model

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Relations between constrained and bounded chosen ciphertext security for key encapsulation mechanisms

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Efficient encryption with keyword search in mobile networks

Security and Communication Networks
Group signatures with message-dependent opening

Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Practical hybrid hierarchical identity-based encryption schemes based on the decisional bilinear Diffie-Hellman assumption

International Journal of Applied Cryptography
Privacy-preserving smart metering with regional statistics and personal enquiry services

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Efficient variants of the Naor-Yung and Dolev-Dwork-Naor transforms for CCA secure key encapsulation mechanism

Proceedings of the first ACM workshop on Asia public-key cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a novel framework for generic construction of hybrid encryption schemes secure against chosen ciphertext attack. Our new framework yields new and more efficient CCA-secure schemes, and provides insightful explanations about existing schemes that do not fit into the previous frameworks. This could result in finding future improvements. Moreover, it allows immediate conversion from a class of threshold public-key encryption to a hybrid one without considerable overhead, which is not possible in the previous approaches. Finally we present an improved security proof of the Kurosawa-Desmedt scheme, which removes the original need for information-theoretic key derivation and message authentication functions. We show that the scheme can be instantiated with any computationally secure such functions, thus extending the applicability of their paradigm, and improving its efficiency.