Sciweavers

EUROCRYPT
2000
Springer

Using Hash Functions as a Hedge against Chosen Ciphertext Attack

14 years 4 months ago
Using Hash Functions as a Hedge against Chosen Ciphertext Attack
The cryptosystem recently proposed by Cramer and Shoup [CS98] is a practical public key cryptosystem that is secure against adaptive chosen ciphertext attack provided the Decisional Diffie-Hellman assumption is true. Although this is a reasonable intractability assumption, it would be preferable to base a security proof on a weaker assumption, such as the Computational Diffie-Hellman assumption. Indeed, this cryptosystem in its most basic form is in fact insecure if the Decisional Diffie-Hellman assumption is false. In this paper we present a practical hybrid scheme that is just as efficient as the scheme of of Cramer and Shoup; indeed, the scheme is slightly more efficient than the one originally presented by Cramer and Shoup; we prove that the scheme is secure if the Decisional Diffie-Hellman assumption is true; we give strong evidence that the scheme is secure if the weaker, Computational Diffie-Hellman assumption is true by providing a proof of security in the random oracle model....
Victor Shoup
Added 24 Aug 2010
Updated 24 Aug 2010
Type Conference
Year 2000
Where EUROCRYPT
Authors Victor Shoup
Comments (0)