IACR News item: 27 November 2015
Takahiro Matsuda, Goichiro Hanaoka
ePrint ReportIn this paper, we show a new CCA secure KEM based on a CCA secure $1$-bit PKE scheme which achieves the public key size $2 \\cdot |pk|$ and the ciphertext size $(2k + o(k)) \\cdot |c|$. These sizes are asymptotically optimal in the sense that they are (except for a constant factor) the same as those of the simplest \\lq\\lq bitwise-encrypt\'\' construction (seen as a KEM by encrypting a $k$-bit random session-key) that works for the chosen plaintext attack and non-adaptive chosen ciphertext attack settings. We achieve our main result by developing several new techniques and results on the \\lq\\lq double-layered\'\' construction (which builds a KEM from an inner PKE/KEM and an outer PKE scheme) by Myers and Shelat and on the notion of detectable PKE/KEM by Hohenberger, Lewko, and Waters (EUROCRYPT 2012).
Additional news items may be found on the IACR news page.