Title: Bounded CCA2-Secure Non-Malleable Encryption

Author: Pass, Rafael; Shelat, Abhi; Vaikuntanathan, Vinod

Other Contributors: Theory of Computation

Advisor: Shafi Goldwasser

Issue Date: 2006-12-14
Abstract:

Under an adaptive chosen ciphertext attack (CCA2), the security of an encryption scheme must hold against adversaries that have access to a decryption oracle. We consider a weakening of CCA2 security, wherein security need only hold against adversaries making an a-priori bounded number of queries to the decryption oracle. Concerning this notion, which we call bounded-CCA2 security, we show the following two results. (1) Bounded-CCA2 secure non-malleable encryption schemes exist if and only if semantically-secure (IND-CPA-secure) encryption schemes exist. (As far as we know, bounded-CCA2 non-malleability is the strongest notion of security known to be satisfiable assuming only the existence of semantically-secure encryption schemes.) (2) In contrast to CCA2 security, bounded-CCA2 security alone does not imply non-malleability. In particular, if there exists an encryption scheme that is bounded-CCA2 secure, then there exists another encryption scheme which remains bounded-CCA2 secure, but is malleable under a simple chosen-plaintext attack.
URI: http://hdl.handle.net/1721.1/34968

Other Identifiers: MIT-CSAIL-TR-2006-081

Series/Report no.: Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory

Keywords: Public-key Encryption, Non-Malleability, Chosen Ciphertext Security