CryptoDB
Rerandomizable RCCA Encryption
| Authors: | |
|---|---|
| Download: | |
| Abstract: | We give the first perfectly rerandomizable, Replayable-CCA (RCCA) secure encryption scheme, positively answering an open problem of Canetti et al. [CRYPTO 2003]. Our encryption scheme, which we call the Double-strand Cramer-Shoup scheme, is a non-trivial extension of the popular Cramer-Shoup encryption. Its security is based on the standard DDH assumption. To justify our definitions, we define a powerful "Replayable Message Posting" functionality in the Universally Composable (UC) framework, and show that any encryption scheme that satisfies our definitions of rerandomizability and RCCA security is a UC-secure implementation of this functionality. Finally, we enhance the notion of rerandomizable RCCA security by adding a receiver-anonymity (or key-privacy) requirement, and show that it results in a correspondingly enhanced UC functionality. We leave open the problem of constructing a scheme that achieves this enhancement. |
BibTeX
@misc{eprint-2007-13401,
title={Rerandomizable RCCA Encryption},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / Anonymous Rerandomizable Replayable-CCA2 Encryption Public-Key},
url={http://eprint.iacr.org/2007/119},
note={To appear in CRYPTO 2007 mmp@cs.uiuc.edu 13742 received 1 Apr 2007, last revised 16 Aug 2007},
author={Manoj Prabhakaran and Mike Rosulek},
year=2007
}