[Resource Topic] 2002/100: Encryption-Scheme Security in the Presence of Key-Dependent Messages

Welcome to the resource topic for 2002/100

Encryption-Scheme Security in the Presence of Key-Dependent Messages

Authors: J. Black, P. Rogaway, T. Shrimpton


Encryption that is only semantically secure should not be used on messages that depend on the underlying secret key; all bets are off when, for example,one encrypts using a shared key K the value K.
Here we introduce a new notion of security, KDM security, appropriate for key-dependent messages. The notion makes sense in both the public-key and shared-key settings. For the latter we show that KDM security is easily achievable within the random-oracle model.
By developing and achieving stronger notions of encryption-scheme security it is hoped that protocols which are proven secure under ``formal’’ models of security can, in time, be safely realized by generically instantiating their primitives.

ePrint: https://eprint.iacr.org/2002/100

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .