CryptoDB
Optimal Chosen-Ciphertext Secure Encryption of Arbitrary-Length Messages
| Authors: | |
|---|---|
| Download: | |
| Abstract: | This paper considers arbitrary-length chosen-ciphertext secure asymmetric encryption, thus addressing what is actually needed for a practical usage of strong public-key cryptography in the real world. We put forward two generic constructions, gem-1 and gem-2, which apply to explicit fixed-length weakly secure primitives and provide a strongly secure (IND-CCA2) public-key encryption scheme for messages of unfixed length (typically computer files). Our techniques optimally combine a single call to any one-way trapdoor function with repeated encryptions through some weak block-cipher (a simple xor is fine) and hash functions of fixed-length input so that a minimal number of calls to these functions is needed. Our encryption/decryption throughputs are comparable to the ones of standard methods (asymmetric encryption of a session key + symmetric encryption with multiple modes). In our case, however, we formally prove that our designs are secure in the strongest sense and provide complete security reductions holding in the random oracle model. |
BibTeX
@misc{eprint-2002-11535,
title={Optimal Chosen-Ciphertext Secure Encryption of Arbitrary-Length Messages},
booktitle={IACR Eprint archive},
keywords={public-key cryptography /},
url={http://eprint.iacr.org/2002/011},
note={Extended Abstract published in Public Key Conference PKC 2002 pascal.paillier@gemplus.com 11712 received 25 Jan 2002},
author={Jean-Sébastien Coron and Helena Handschuh and Marc Joye and Pascal Paillier and David Pointcheval and Christophe Tymen},
year=2002
}