Open AccessProceedings Article
Optimal Asymmetric Encryption-How to Encrypt with RSA
Reads0
Chats0
TLDR
A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which the adversary knows the corresponding plaintexts, and is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.Abstract:
Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encryption scheme for which (i) any string x of length slightly less than k bits can be encrypted as f(rx), where rx is a simple probabilistic encoding of x depending on the hash function; and (ii) the scheme can be proven semantically secure assuming the hash function is “ideal.” Moreover, a slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack. Department of Computer Science & Engineering, Mail Code 0114, University of California at San Diego, 9500 Gilman Drive, La Jolla, CA 92093. E-mail: mihir@cs.ucsd.edu † Department of Computer Science, University of California at Davis, Davis, CA 95616, USA. E-mail: rogaway@cs.ucdavis.eduread more
Citations
More filters
Proceedings ArticleDOI
Revision of Security Proof on f-OAEP
TL;DR: In this article, a revision of the security proof is presented to fix the flaw in the original security proof by Bellare and Rogaway, and compared with some existing improved prove methods, the revised proof is applicable for the underlying trapdoor permutation being a general case.
Posted Content
Another Look at Generic Groups.
Neal Koblitz,Alfred Menezes +1 more
TL;DR: The generic group model has been an important tool in reductionist security arguments as mentioned in this paper, and it has been shown to be vulnerable to flaws in proofs in proofs of the generic group assumption.
Posted Content
Non-Malleable Encryption: Equivalence between Two Notions, and an Indistinguishability-based Characterization.
Mihir Bellare,Amit Sahai +1 more
TL;DR: In this paper, the equivalence of non-malleable encryption and indistinguishability under a parallel chosen ciphertext attack was shown, in which the adversary's decryption queries are not allowed to depend on answers to previous queries, but must be made all at once.
Proceedings ArticleDOI
Efficient group signature scheme based on RSA cryptosystem
TL;DR: A small size group signature scheme based on RSA cryptosystem is described in this paper, which has low computational cost as to signature and verification.
References
More filters
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Proceedings ArticleDOI
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
Proceedings Article
The MD5 Message-Digest Algorithm
TL;DR: This document describes the MD5 message-digest algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
Journal ArticleDOI
A digital signature scheme secure against adaptive chosen-message attacks
TL;DR: A digital signature scheme based on the computational difficulty of integer factorization possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice cannot later forge the signature of even a single additional message.
Related Papers (5)
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more
A method for obtaining digital signatures and public-key cryptosystems
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
Ronald Cramer,Victor Shoup +1 more