Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Secure Length-Saving ElGamal Encryption under the Computational Diffie-Hellman Assumption
ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
On the Security of the KMOV Public Key Cryptosystem
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Security of Signed ElGamal Encryption
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of ElGamal Based Encryption
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Chosen-Ciphertext Security for Any One-Way Cryptosystem
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Digitalized Signatures and Public-Key Functions as Intractable as Factorization
Low-exponent RSA with related messages
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Using hash functions as a hedge against chosen ciphertext attack
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
An IND-CCA2 Public-Key Cryptosystem with Fast Decryption
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
A Practical Public Key Cryptosystem from Paillier and Rabin Schemes
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
In 1984, H.C. Williams introduced a public key cryptosystem whose security is as intractable as factorization. Motivated by some strong and interesting cryptographic properties of the intrinsic structure of this scheme, we present a practical modification thereof that has very strong security properties. We establish, and prove, a generalization of the "sole-samplability" paradigm of Zheng-Seberry (1993) which is reminiscent of the plaintext-awareness concept of Bellare et al. The assumptions that we make are both well-defined and reasonable. In particular, we do not model the functions as random oracles. In essence, the proof of security is based on the factorization problem of any large integer n = pq and Canetti's "oracle hashing" construction introduced in 1997. Another advantage of our system is that we do not rely on any special structure of the modulus n = pq, nor do we require any specific form of the primes p and q. As our main result we establish a model which implies security attributes even stronger than semantic security against chosen ciphertext attacks.