CryptoDB
Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman
| Authors: | |
|---|---|
| Download: | |
| Abstract: | We propose a practical key encapsulation mechanism with a simple and intuitive design concept. Security against chosen-ciphertext attacks can be proved in the standard model under a new assumption, the Gap Hashed Diffie-Hellman (GHDH) assumption. The security reduction is tight and simple. Secure key encapsulation, combined with an appropriately secure symmetric encryption scheme, yields a hybrid public-key encryption scheme which is secure against chosen-ciphertext attacks. The implied encryption scheme is very efficient: compared to the previously most efficient scheme by Kurosawa and Desmedt [Crypto 2004] it has 128 bits shorter ciphertexts, between 25-50% shorter public/secret keys, and it is slightly more efficient in terms of encryption/decryption speed. Furthermore, our scheme enjoys (the option of) public verifiability of the ciphertexts and it inherits all practical advantages of secure hybrid encryption. |
BibTeX
@misc{eprint-2007-13318,
title={Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / Chosen-ciphertext security, Public-key encryption, key encapsulation},
url={http://eprint.iacr.org/2007/036},
note={Preliminary version in PKC 2007. This is the full version. kiltz@cwi.nl 13558 received 5 Feb 2007, last revised 14 Feb 2007},
author={Eike Kiltz},
year=2007
}