Welcome to the resource topic for 2009/418
Title:
Subtleties in the Definition of IND-CCA: When and How Should Challenge-Decryption be Disallowed?
Authors: Mihir Bellare, Dennis Hofheinz, Eike Kiltz
Abstract:The definition of IND-CCA disallows an adversary from querying the challenge ciphertext to its decryption oracle. We point out that there are several ways to formalize this. We show that, surprisingly, for public-key encryption the resulting notions are not all equivalent. We then consider the same question for key-encapsulation mechanisms (KEMs) and show that in this case the four notions ARE all equivalent. Our discoveries are another manifestation of the subtleties that make the study of cryptography so attractive and are important towards achieving the definitional clarity and unity required for firm foundations.
ePrint: https://eprint.iacr.org/2009/418
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .