On the Security against Nonadaptive Chosen Ciphertext Attack and Key-Dependent Message Attack

Jinyong CHANG  Rui XUE  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E97-A   No.11   pp.2267-2271
Publication Date: 2014/11/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E97.A.2267
Type of Manuscript: LETTER
Category: Cryptography and Information Security
key-dependent message,  public key encryption,  nonadaptive chosen ciphertext attack,  Damgård's ElGamal scheme,  

Full Text: PDF(110.2KB)>>
Buy this Article

In this letter, we formally present the definition of KDM-CCA1 security in public key setting, which falls in between the existing KDM-CPA and KDM-CCA2 security. We also prove that if a public key encryption scheme is CCA1 secure and has the properties of secret-key multiplication (or addition) homomorphism, and conditioned plaintext-restorability, then it is KDM-CCA1 secure w.r.t. two ensembles of functions that had been used in [15],[17], respectively. For concrete scheme, we show that the (tailored) Damgård's Elgamal scheme achieves this KDM-CCA1 security based on different assumptions.