|
|||||
|
|
The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure |
|
| Authors: | Seung Geol Choi Dennis Hofheinz Eike Kiltz Dong Hoon Lee Moti Yung |
| Affiliation: | a Department of Computer Science, Columbia University, 450 Computer Science Bldg., New York, USA b Dept. Matemàtica Aplicada IV, UPC, Barcelona, Spain c CWI, Amsterdam, The Netherlands d Graduate School of Information Management and Security, Korea University, Seoul, Republic of Korea e Google Inc., 76 Ninth Avenue, New York, NY 10011, USA |
| Abstract: | At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation. |
| Keywords: | Cryptography Hybrid encryption Key encapsulation mechanism |
| 本文献已被 ScienceDirect 等数据库收录! | |