论文信息 - On the Security of Public Key Protocols (Extended Abstract)

On the Security of Public Key Protocols (Extended Abstract)

We compare the relative strengths of popular notions of security for public key encryption schemes. We consider the goals of privacy and non-malleability, each under chosen plaintext attack and two kinds of chosen ciphertext attack. For each of the resulting pairs of definitions we prove either an implication (every scheme meeting one notion must meet the other) or a separation (there is a scheme meeting one notion but not the other, assuming the first notion can be met at all). We similarly treat plaintext awareness, a notion of security in the random oracle model. An additional contribution of this paper is a new definition of non-malleability which we believe is simpler than the previous one.

Danny Dolev | Andrew Chi-Chih Yao | A. Yao | D. Dolev

[1] Whitfield Diffie,et al. Multiuser cryptographic techniques , 1976, AFIPS '76.

[2] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[3] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[4] Leslie Lamport,et al. Reaching Agreement in the Presence of Faults , 1980, JACM.

[5] Richard J. Lipton,et al. A Linear Time Algorithm for Deciding Subject Security , 1977, JACM.

[6] Jeffrey D. Ullman,et al. Protection in operating systems , 1976, CACM.

[7] Danny Dolev,et al. The Byzantine Generals Strike Again , 1981, J. Algorithms.

[8] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.