单双钥混合体制的选择密文安全性

陈原; 董庆宽; 肖国镇

单双钥混合体制的选择密文安全性

计量
- 文章访问数: 2327
- HTML全文浏览量: 105
- PDF下载量: 773
- 被引次数: 0
出版历程
- 收稿日期: 2003-08-25
- 修回日期: 2004-07-19
- 刊出日期: 2005-04-19

Chosen Ciphertext Security of Hybrid Schemes of Symmetric and Asymmetric Encryption

摘要

摘要: 该文主要讨论单双钥混合体制的选择密文安全性IND-CCA的定义和相关结论。在对两种不同用途的单双钥混合体制及其安全性的研究之后发现它们的IND-CCA定义中允许敌手访问的预言机不同，我们将其统一为：对只能询问混合体制整体解密机的敌手的安全性，从而统一了混合体制的安全结论，为正确使用混合体制提供了依据。我们提出了一种混合体制：REACT+，并证明了其IND-CCA安全性。
- 混合体制; 选择密文安全性; 密码学
Abstract: The definition and related conclusions of chosen ciphertext security IND-CCA (INDistinguishability against adaptive-Chosen Ciphertext Attack) of hybrid encryption of symmetric and asymmetric encryption are discussed. Having studied two kinds of hybrid encryptions of different use and their security definitions, it is found that there is a difference in the oracles. Then the definition of IND-CCA is unified as security for the adversaries can only access the whole decryption oracle of hybrid schemes, which makes the unification of security conclusions of hybrid schemes possible, and supplies the ground for proper use of hybrid schemes. A hybrid scheme called REACT+ has been proposed with its security proof.

HTML全文

参考文献(1)

Bellare M, Boldyreva A, Palacio A. An uninstantiable random-oracle-model scheme for a hybrid-encryption problem.Cachin C, Camenisch J eds. Advances in Cryptology - Eurocrypt 2004 Proceedings. Berlin: Springer-Verlag, 2004, LNCS Vol.3027: 171 - 188.[2]Okamoto T, Pointcheval D. REACT: Rapid enhanced-security asymmetric cryptosystem transform. Advances in CryptologyCrypto2001. Berlin: Springer Verlag, 2001, LNCS Vol.2020:159- 175.[3]Bellare M, Desai A, D. Pointcheval, et al.. Relations among notions of security for public-key encryption schemes. Advances in Cryptology-Crypt98. Berlin: Springer-Verlag, 1998, LNCS Vol.1462:26 - 45.[4]Bellare M, Sahai A, Jokipii E, et al.. A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation.Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, Miami Beach, Florida, 1997:394 - 403.[5]Fujisaki E, Okamoto T. Secure integration of asymmetric and symmetric encrption scheme. Advances in CryptologyCrypto99. Berlin: Springer Verlag, 1999, LNCS Vol.1666:537 - 554.[6]Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. Proceedings of the First Annual Conference on Computer and Communications Security, New York, ACM, 1993:62 - 73.[7]Bellare M, Rogaway P. Optimal asymmetric encryption: How to encrypt with RSA. Advances in Cryptology-Eurocrpt94. Berlin:Springer Verlag, 1994, LNCS Vol. 950:92 - 111.[8]Crammer R, Shoup V. A pratical public key cryptosystem provably secure against adaptive chosen ciphertext attack. H.Krawczyk ed. Advances in Cryptology-Crypto98 Proceedings,Berlin: Springer Verlag, 1998, LNCS Vol.1462:13 - 25.[9]Elkind E, Sahai A. A unified methodology for constructing public-key encryption schemes secure against adaptive chosen-ciphertext attack, available at iacr. org/2002/042.ps.gz.2002.

施引文献

资源附件(0)

访问统计