International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Authenticated Encryption in the Public-Key Setting: Security Notions and Analyses

Authors:
Jee Hea An
Download:
URL: http://eprint.iacr.org/2001/079
Search ePrint
Search Google
Abstract: This paper addresses the security of authenticated encryption schemes in the public key setting. We present two new notions of authenticity that are stronger than the integrity notions given in the symmetric setting \cite{bn00}. We also show that chosen-ciphertext attack security (IND-CCA) in the public key setting is not obtained in general from the combination of chosen-plaintext security (IND-CPA) and integrity of ciphertext (INT-CTXT), which is in contrast to the results shown in the symmetric setting \cite{ky00,bn00}. We provide security analyses of authenticated encryption schemes constructed by combining a given public key encryption scheme and a given digital signature scheme in a ``generic'' manner ---namely, Encrypt-and-Sign, Sign-then-Encrypt, and Encrypt-then-Sign--- and show that none of them, in general, provide security under all notions defined in this paper. We then present a scheme called {\em ESSR} that meets all security notions defined here. We also give security analyses on an efficient Diffie-Hellman based scheme called {\em DHETM}, which can be thought of as a transform of the encryption scheme ``DHIES'' \cite{abr01} into an {\em authenticated} encryption scheme in the public key setting.
BibTeX
@misc{eprint-2001-11491,
  title={Authenticated Encryption in the Public-Key Setting: Security Notions and Analyses},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / Public key setting, Authenticated encryption, Privacy, Authenticity, Unforgeability},
  url={http://eprint.iacr.org/2001/079},
  note={ jeehea@cs.ucsd.edu 11577 received 12 Sep 2001},
  author={Jee Hea An},
  year=2001
}