Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PKC
2004
Springer
2004
Springer
On the Security of Multiple Encryption or CCA-security+CCA-security=CCA-security?
In a practical system, a message is often encrypted more than once by different encryptions, here called multiple encryption, to enhance its security. Additionally, new features may be achieved by multiple encrypting a message for a scheme, such as the key-insulated cryptosystems [13] and anonymous channels [8]. Intuitively, a multiple encryption should remain “secure”, whenever there is one component cipher unbreakable in it. In NESSIE’s latest Portfolio of recommended cryptographic primitives (Feb. 2003), it is suggested to use multiple encryption with component ciphers based on different assumptions to acquire long term security. However, in this paper we show this needs careful discussion. Especially, this may not be true according to (adaptive) chosen ciphertext attack (CCA), even with all component ciphers CCA secure. We define an extended version of CCA called chosen ciphertext attack for multiple encryption (MECCA) to emulate real world partial breaking of assumptions...
Real-time Traffic| Added | 02 Jul 2010 |
| Updated | 02 Jul 2010 |
| Type | Conference |
| Year | 2004 |
| Where | PKC |
| Authors | Rui Zhang 0002, Goichiro Hanaoka, Junji Shikata, Hideki Imai |
Comments (0)
Researcher Info
|
