Welcome to the resource topic for 2004/221
Towards Plaintext-Aware Public-Key Encryption without Random Oracles
Authors: Mihir Bellare, Adriana PalacioAbstract:
We consider the problem of defining and
achieving plaintext-aware encryption without random oracles in the classical
public-key model. We provide definitions for a hierarchy of notions of
increasing strength: PA0, PA1 and PA2, chosen so that PA1+IND-CPA =>
IND-CCA1 and PA2+IND-CPA => IND-CCA2. Towards achieving the new
notions of plaintext awareness, we show that a scheme due to Damgard,
denoted DEG, and the ``lite’’ version of the Cramer-Shoup scheme,
denoted CSL, are both PA0 under the KEA0
assumption of Damgard, and PA1 under an extension of this assumption called
KEA1. As a result, DEG is the most efficient proven IND-CCA1 scheme known.
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .