Efficient variants of the Naor-Yung and Dolev-Dwork-Naor transforms for CCA secure key encapsulation mechanism

Authors:
Takashi Yamakawa;Shota Yamada;Takahiro Matsuda;Goichiro Hanaoka;Noboru Kunihiro
Affiliations:
The University of Tokyo and National Institute of Advanced Industrial Science and Technology, Chiba and Ibaraki, Japan;The University of Tokyo and National Institute of Advanced Industrial Science and Technology, Chiba and Ibaraki, Japan;National Institute of Advanced Industrial Science and Technology, Ibaraki, Japan;National Institute of Advanced Industrial Science and Technology, Ibaraki, Japan;The University of Tokyo, Chiba, Japan
Venue:
Proceedings of the first ACM workshop on Asia public-key cryptography
Year:
2013

Citing 34
Cited 0

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
Non-interactive zero-knowledge and its applications

STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Public-key cryptosystems provably secure against chosen ciphertext attacks

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Non-malleable cryptography

STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure Integration of Asymmetric and Symmetric Encryption Schemes

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Chosen-Ciphertext Security for Any One-Way Cryptosystem

PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Multi-recipient Public-Key Encryption with Shortened Ciphertext

PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security

FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack

SIAM Journal on Computing
Direct chosen ciphertext security from identity-based techniques

Proceedings of the 12th ACM conference on Computer and communications security
Lossy trapdoor functions and their applications

STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption

ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Chosen-Ciphertext Security via Correlated Products

TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Practical Chosen Ciphertext Secure Encryption from Factoring

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Chosen-ciphertext secure key-encapsulation based on gap hashed Diffie-Hellman

PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
A simpler construction of CCA2-secure public-key encryption under general assumptions

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Secure hybrid encryption from weakened key encapsulation

CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
The twin Diffie-Hellman problem and applications

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Efficient non-interactive proof systems for bilinear groups

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Efficient chosen-ciphertext security via extractable hash proofs

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Efficient generic constructions of signcryption with insider security in the multi-user setting

ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Identification schemes from key encapsulation mechanisms

AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
About the security of ciphers (semantic security and pseudo-random permutations)

SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Efficient key encapsulation to multiple parties

SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Tag-KEM/DEM: a new framework for hybrid encryption and a new analysis of kurosawa-desmedt KEM

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Adaptive trapdoor functions and chosen-ciphertext security

EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Chosen-Ciphertext security from tag-based encryption

TCC'06 Proceedings of the Third conference on Theory of Cryptography
New constructions of efficient simulation-sound commitments using encryption and their applications

CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Strongly secure authenticated key exchange from factoring, codes, and lattices

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we present novel constructions of chosen-ciphertext secure (CCA secure) key encapsulation mechanism (KEM) from chosen-plaintext secure (CPA secure) KEM in the standard model. It is already known that CCA secure public key encryption (PKE) can be generically constructed from CPA secure PKE and ((simulation-sound) non-interactive zero-knowledge proof) via the Naor-Yung or Dolev-Dwork-Naor transforms. Thus, one can also immediately construct CCA secure PKE from CPA secure KEM by converting CPA secure KEM into CPA secure PKE and transforming it to be CCA secure PKE. However, such a construction seems redundant since in general PKE is less efficient than KEM and it would be more efficient if we can directly construct CCA secure KEM from CPA secure KEM without intermediating CPA secure PKE. In this work, we propose new variants of the Naor-Yung and Dolev-Dwork-Naor transforms that directly convert CPA secure KEM into CCA secure KEM, and show that our proposed schemes are more efficient than the above straightforward constructions. For example, when instantiating from the decision linear assumption, ciphertext size of our Naor-Yung variant consists of 34 group elements while that of the straightforward construction consists of 47 group elements. Furthermore, we also propose another variant of the Dolev-Dwork-Naor transform from multiple KEM and show that a KEM which is obtained from Wee's extractable hash proof system can also be considered as an efficient construction of multiple KEM.