Blackbox Construction of a More Than Non-Malleable CCA1 Encryption Scheme from Plaintext Awareness

We construct an NM-CCA1 encryption scheme from any CCA1 encryption scheme that is also plaintext aware and weakly simulatable. We believe this is the first construction of an NM-CCA1 scheme that follows strictly from encryption schemes whose security definitions are seemingly weaker than, or incomparable to, NM-CCA1. Previously, the statistical PA1 notion of plaintext awareness was only known to imply CCA1. Our result is therefore novel because, unlike the case of CPA and CCA2, it is unknown whether a CCA1 scheme can be transformed into an NM-CCA1 scheme. Additionally, we show that both the Damgård ElGamal scheme (DEG) [Dam91] and the Cramer-Shoup Lite scheme (CS-Lite) [CS03] are weakly simulatable under the DDH assumption. Since both are known to be statistical PA1 under the Diffie-Hellman Knowledge (DHK) assumption, they instantiate our scheme securely. Next, in a partial response to a question posed by Matsuda and Matsuura [MM11], we define an extended version of NM-CCA1, called cNM-CCA1, in which the security definition is modified so that the adversary is permitted to ask c ≥ 1 parallel queries after receiving the challenge ciphertext. We extend our construction to yield a cNM-CCA1 scheme for any constant c. All of our constructions are black-box.

[1] Hoeteck Wee, et al. Black-Box, Round-Efficient Secure Computation via Non-malleability Amplification, 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[2] Joan Feigenbaum, et al. Advances in Cryptology-Crypto 91, 1992.

[3] Hoeteck Wee, et al. Black-Box Constructions of Two-Party Protocols from One-Way Functions, 2009, TCC.

[4] Cynthia Dwork, et al. Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III, 2020, Annual International Cryptology Conference.

[5] Ronald Cramer, et al. Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack, 2003, SIAM J. Comput.

[6] Takahiro Matsuda, et al. Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks, 2011, Public Key Cryptography.

[7] Ivan Damgård, et al. Improved Non-committing Encryption Schemes Based on a General Complexity Assumption, 2000, CRYPTO.

[8] Ran Canetti, et al. The random oracle methodology, revisited, 2000, JACM.

[9] Mihir Bellare, et al. Towards Plaintext-Aware Public-Key Encryption Without Random Oracles, 2004, ASIACRYPT.

[10] Alexander W. Dent, et al. The Cramer-Shoup Encryption Scheme is Plaintext Aware in the Standard Model, 2006, IACR Cryptol. ePrint Arch.

[11] Alexander W. Dent, et al. The Hardness of the DHK Problem in the Generic Group Model, 2006, IACR Cryptol. ePrint Arch.

[12] Moni Naor, et al. Public-key cryptosystems provably secure against chosen ciphertext attacks, 1990, STOC '90.

[13] Serge Vaudenay, et al. Advances in Cryptology - EUROCRYPT 2006, 2006, Lecture Notes in Computer Science.

[14] Tal Malkin, et al. Black-Box Construction of a Non-malleable Encryption Scheme from Any Semantically Secure One, 2008, TCC.

[15] Moni Naor, et al. On Cryptographic Assumptions and Challenges, 2003, CRYPTO.

[16] Abhi Shelat, et al. Bounded CCA2-Secure Encryption, 2007, ASIACRYPT.

[17] Kaoru Kurosawa, et al. Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings, 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[18] Mihir Bellare. Advances in Cryptology — CRYPTO 2000, 2000, Lecture Notes in Computer Science.

[19] Daniel R. Simon, et al. Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack, 1991, CRYPTO.

[20] Moni Naor, et al. Nonmalleable Cryptography, 2000, SIAM Rev.

[21] Ivan Damgård, et al. Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks, 1991, CRYPTO.

[22] Steven Myers, et al. Bit Encryption Is Complete, 2009, 2009 50th Annual IEEE Symposium on Foundations of Computer Science.

[23] Pil Joong Lee, et al. Advances in Cryptology — ASIACRYPT 2001, 2001, Lecture Notes in Computer Science.

[24] Abhi Shelat, et al. Construction of a Non-malleable Encryption Scheme from Any Semantically Secure One, 2006, CRYPTO.

[25] Rosario Gennaro, et al. Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings, 2011, Public Key Cryptography.