Bounded CCA2-secure encryption

Ronald Cramer*, Goichiro Hanaoka, Dennis Hofheinz, Hideki Imai, Eike Kiltz, Rafael Pass, Abhi Shelat, Vinod Vaikuntanathan

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

65 Scopus citations

Abstract

Whereas encryption schemes withstanding passive chosen-plaintext attacks (CPA) can be constructed based on a variety of computational assumptions, only a few assumptions are known to imply the existence of encryption schemes withstanding adaptive chosen-ciphertext attacks (CCA2). Towards addressing this asymmetry, we consider a weakening of the CCA2 model - bounded CCA2-security - wherein security needs only hold against adversaries that make an a-priori bounded number of queries to the decryption oracle. Regarding this notion we show (without any further assumptions): - For any polynomial q, a simple black-box construction of q-bounded IND-CGA2-secure encryption schemes, from any IND-CPA-secure encryption scheme. When instantiated with the Decisional Diffie-Hellman (DDH) assumption, this construction additionally yields encryption schemes with very short ciphertexts. - For any polynomial q, a (non-black box) construction of q-bounded NM-CCA2-secure encryption schemes, from any IND-CPA-secure encryption scheme. Bounded-CCA2 non-malleability is the strongest notion of security yet known to be achievable assuming only the existence of IND-CPA secure encryption schemes. Finally, we show that non-malleability and indistinguishability are not equivalent under bounded-CCA2 attacks (in contrast to general CCA2 attacks).

Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2007 - 13th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
PublisherSpringer Verlag
Pages502-518
Number of pages17
ISBN (Print)9783540768999
DOIs
StatePublished - 2007
Externally publishedYes
Event13th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2007 - Kuching, Malaysia
Duration: 2 Dec 20076 Dec 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4833 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference13th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2007
Country/TerritoryMalaysia
CityKuching
Period2/12/076/12/07

Fingerprint

Dive into the research topics of 'Bounded CCA2-secure encryption'. Together they form a unique fingerprint.

Cite this