Skip to main content
SpringerLink
Log in

Relaxing IND-CCA: Indistinguishability against Chosen Ciphertext Verification Attack

  • Conference paper
Security, Privacy, and Applied Cryptography Engineering (SPACE 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7644))

Abstract

The definition of IND-CCA security model for public key encryption allows an adversary to obtain (adaptively) decryption of ciphertexts of its choice. That is, the adversary is given oracle access to the decryption function corresponding to the decryption key in use. The adversary may make queries that do not correspond to a valid ciphertext, and the answer will be accordingly (i.e., a special “failure” symbol).

In this article, we investigate the case where we restrict the oracle to only determine if the query made is a valid ciphertext or not. That is, the oracle will output 1 if the query string is a valid ciphertext (do not output the corresponding plaintext) and output 0 otherwise. We call this oracle as “ciphertext verification oracle” and the corresponding security model as Indistinguishability against chosen ciphertext verification attack (IND-CCVA). We point out that this seemingly weaker security model is meaningful, clear and useful to the extent where we motivate that certain cryptographic functionalities can be achieved by ensuring the IND-CCVA security where as IND-CPA is not sufficient and IND-CCA provides more than necessary. We support our claim by providing nontrivial construction (existing/new) of:

  • public key encryption schemes that are IND-CCVA secure but not IND-CCA secure,

  • public key encryption schemes that are IND-CPA secure but not IND-CCVA secure.

  • public key encryption schemes that are IND-CCA1 secure but not IND-CCVA secure.

Our discoveries are another manifestation of the subtleties that make the study of security notions for public key encryption schemes so attractive and are important towards achieving the definitional clarity of the target security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alexi, W., Chor, B., Goldreich, O., Schnorr, P.: Bit security of RSA and Rabin functions. SIAM Journal of Computing 17(2), 194–209 (1988)

    Article  MATH  MathSciNet  Google Scholar 

  2. Bellare, M., Rogaway, P.: Optimal Asymmetric Encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  3. Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  4. Bleichenbacher, D.: Chosen Ciphertext Attacks against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  5. Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  6. Cramer, R., Shoup, V.: Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Elkind, E., Sahai, A.: A Unified Methodology For Constructing Public-Key Encryption Schemes Secure Against Adaptive Chosen-Ciphertext Attack, http://eprint.iacr.org/2002/042

  8. Dolev, D., Dwork, C., Naor, M.: Non-Malleable Cryptography. SIAM J. Computing 30(2), 391–437 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  9. Freier, A.O., Karlton, P., Kocher, P.C.: The SSL Protocol. Version 3.0

    Google Scholar 

  10. Goldreich, O.: A Uniform Complexity Treatment of Encryption and Zero-Knowledge. J. Cryptology 6(1), 21–35 (1993)

    Article  MATH  MathSciNet  Google Scholar 

  11. Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press (2004)

    Google Scholar 

  12. Goldwasser, S., Micalli, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984)

    Article  MATH  MathSciNet  Google Scholar 

  13. Goldwasser, S., Micali, S., Tong, P.: Why and how to establish a private code on a public network. In: Proc. 23rd IEEE Symp. on Foundations of Comp. Science, Chicago, pp. 134–144 (1982)

    Google Scholar 

  14. Håstad, J., Näslund, M.: The security of individual RSA bits (1998) (manuscript)

    Google Scholar 

  15. Loftus, J., May, A., Smart, N.P., Vercauteren, F.: On CCA-Secure Somewhat Homomorphic Encryption. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 55–72. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Naor, M., Yung, M.: Public-key cryptosystem provably secure against chosen ciphertext attacks. In: Proc. STOC, pp. 427–437 (1990)

    Google Scholar 

  17. Public-Key Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography Standard. RSA Security Inc. (2002)

    Google Scholar 

  18. Rackoff, C., Simon, D.: Non-interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)

    Google Scholar 

  19. RSA Data Security, Inc. PKCS #1: RSA Encryption Standard. Redwood City, CA. Version 1.5 (November 1993)

    Google Scholar 

  20. Shoup, V.: Why chosen ciphertext security matters. Technical Report RZ 3076, IBM Zurich (1998)

    Google Scholar 

  21. Vivek, S., Deva Selvi, S., Pandu Rangan, C.: CCA Secure Certificateless Encryption Schemes based on RSA. In: Proc. Secrypt 2011, pp. 208–217 (2011)

    Google Scholar 

  22. Vivek, S., Deva Selvi, S., Pandu Rangan, C.: Stronger Public Key Encryption Schemes Withstanding RAM Scraper Like Attacks. ePrint Archive: Report 2012/118 (2012)

    Google Scholar 

  23. Hofheinz, D., Kiltz, E.: Secure Hybrid Encryption from Weakened Key Encapsulation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  24. Hohenberger, S., Lewko, A., Waters, B.: Detecting Dangerous Queries: A New Approach for Chosen Ciphertext Security. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 663–681. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  25. Cramer, R., Hanaoka, G., Hofheinz, D., Imai, H., Kiltz, E., Pass, R., Shelat, A., Vaikuntanathan, V.: Bounded CCA2-Secure Encryption. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 502–518. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Applied Statistics Unit, Indian Statistical Institute, Kolkata, 700 108, India

    Sumit Kumar Pandey & Santanu Sarkar

  2. C R RAO AIMSCS, Hyderabad, India

    Mahabir Prasad Jhanwar

Authors
  1. Sumit Kumar Pandey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Santanu Sarkar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mahabir Prasad Jhanwar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. ESAT/SCD/COSIC, KU Leuven, Kasteelpart Arenberg 10, 3001, Leuven-Heverlee, Belgium

    Andrey Bogdanov

  2. IIIT Delhi, Okhla Industrial Area, Phase III, 110020, New Delhi, India

    Somitra Sanadhya

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kumar Pandey, S., Sarkar, S., Prasad Jhanwar, M. (2012). Relaxing IND-CCA: Indistinguishability against Chosen Ciphertext Verification Attack. In: Bogdanov, A., Sanadhya, S. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2012. Lecture Notes in Computer Science, vol 7644. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34416-9_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-34416-9_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34415-2

  • Online ISBN: 978-3-642-34416-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation