Rerandomizable and replayable adaptive chosen ciphertext attack secure cryptosystems.
In: Naor, M, (ed.)
THEORY OF CRYTOGRAPHY, PROCEEDINGS.
(pp. 152 - 170).
Recently Canetti, Krawczyk and Nielsen defined the notion of replayable adaptive chosen ciphertext attack (RCCA) secure encryption. Essentially a cryptosystem that is RCCA secure has full CCA2 security except for the little detail that it may be possible to modify a ciphertext into another ciphertext containing the same plaintext.We investigate the possibility of perfectly replayable RCCA secure encryption. By this, we mean that anybody can convert a ciphertext y with plaintext m into a different ciphertext y' that is distributed identically to a fresh encryption of m. We propose such a rerandomizable cryptosystem, which is secure against semi-generic adversaries.We also define a weak form of RCCA (WRCCA) security. For this notion we provide a construction (inspired by Cramer and Shoup's CCA2 secure cryptosystems) that is both rerandomizable and provably WRCCA secure. We use it as a building block in our conjectured RCCA secure cryptosystem.
|Title:||Rerandomizable and replayable adaptive chosen ciphertext attack secure cryptosystems|
|Event:||1st Theory of Cryptography Conference (TCC 2004)|
|Location:||MIT, Cambridge, MA|
|Dates:||2004-02-19 - 2004-02-21|
|UCL classification:||UCL > School of BEAMS
UCL > School of BEAMS > Faculty of Engineering Science
Archive Staff Only