Welcome to the resource topic for 2006/268
On the Equivalence of Several Security Notions of Key Encapsulation Mechanism
Authors: Waka Nagao, Yoshifumi Manabe, Tatsuaki OkamotoAbstract:
KEM (Key Encapsulation Mechanism) was introduced by Shoup to formalize the asymmetric encryption specified for key distribution in ISO standards on public-key encryption. Shoup defined the ``semantic security (IND) against adaptively chosen ciphertext attacks (CCA2)‘’ as a desirable security notion of KEM. This paper introduces ‘‘non-malleability (NM)’’ of KEM, a stronger security notion than IND. We provide three definitions of NM, and show that these three definitions are equivalent. We then show that NM-CCA2 KEM is equivalent to IND-CCA2 KEM. That is, we show that NM is equivalent to IND under CCA2 attacks, although NM is stronger than IND in the definition (or under some attacks like CCA1). In addition, this paper defines the universally composable (UC) security of KEM and shows that NM-CCA2 KEM is equivalent to UC KEM.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .