Compact CCA-Secure Encryption for Messages of Arbitrary Length

This paper proposes a chosen-ciphertext secure variant of the ElGamal public-key encryption scheme which generates very compact ciphertexts for messages of arbitrary length . The ciphertext overhead (i.e., the difference between ciphertext and plaintext) is one group element only. Such a property is particularly useful when encrypting short messages such as a PIN or a credit card number in bandwidth-critical environments. On top of the compact overhead, the computational cost for encryption and decryption are almost the same as plain ElGamal encryption. The security is proven based on the strong Diffie-Hellman assumption in the random oracle model.

[1]  Jean-Sébastien Coron,et al.  GEM: A Generic Chosen-Ciphertext Secure Encryption Method , 2002, CT-RSA.

[2]  David Pointcheval,et al.  Chosen-Ciphertext Security without Redundancy , 2003, ASIACRYPT.

[3]  Bart Preneel,et al.  Topics in Cryptology — CT-RSA 2002 , 2002, Lecture Notes in Computer Science.

[4]  David Pointcheval,et al.  The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes , 2001, Public Key Cryptography.

[5]  Mihir Bellare,et al.  The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES , 2001, CT-RSA.

[6]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[7]  Ronald Cramer,et al.  Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack , 2003, SIAM J. Comput..

[8]  Tatsuaki Okamoto,et al.  Secure Integration of Asymmetric and Symmetric Encryption Schemes , 1999, Journal of Cryptology.

[9]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[10]  Qixiang Mei,et al.  Direct chosen ciphertext security from identity-based techniques , 2005, CCS '05.

[11]  Shai Halevi,et al.  A Tweakable Enciphering Mode , 2003, CRYPTO.

[12]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[13]  Kaoru Kurosawa,et al.  How to Remove MAC from DHIES , 2004, ACISP.

[14]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[15]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[16]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[17]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[18]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[19]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[20]  Jean-Sébastien Coron,et al.  Optimal Chosen-Ciphertext Secure Encryption of Arbitrary-Length Messages , 2002, Public Key Cryptography.

[21]  Josef Pieprzyk,et al.  Advances in Cryptology - ASIACRYPT 2008, 14th International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, Australia, December 7-11, 2008. Proceedings , 2008, ASIACRYPT.

[22]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[23]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[24]  Eike Kiltz,et al.  Secure Hybrid Encryption from Weakened Key Encapsulation , 2007, CRYPTO.

[25]  Nigel P. Smart,et al.  Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[26]  Xavier Boyen Miniature CCA2 PK Encryption: Tight Security Without Redundancy , 2007, ASIACRYPT.

[27]  Taher El Gamal A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms , 1984, CRYPTO.

[28]  Chi Sung Laih,et al.  Advances in Cryptology - ASIACRYPT 2003 , 2003 .

[29]  David Pointcheval,et al.  REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform , 2001, CT-RSA.

[30]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[31]  Kaoru Kurosawa,et al.  Tag-KEM/DEM: A New Framework for Hybrid Encryption and A New Analysis of Kurosawa-Desmedt KEM , 2005, EUROCRYPT.

[32]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[33]  Yvo Desmedt,et al.  A New Paradigm of Hybrid Encryption Scheme , 2004, CRYPTO.

[34]  Eike Kiltz,et al.  Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman , 2007, Public Key Cryptography.

[35]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[36]  Eike Kiltz,et al.  Chosen Ciphertext Security with Optimal Ciphertext Overhead , 2008, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[37]  David Cash,et al.  The Twin Diffie–Hellman Problem and Applications , 2009, Journal of Cryptology.

[38]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[39]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..