Abstract
While the hybrid public key encryption scheme of Kurosawa and Desmedt (CRYPTO 2004) is provably secure against chosen ciphertext attacks (namely, IND-CCA-secure), its associated key encapsulation mechanism (KEM) is not IND-CCA-secure (Herranz et al. 2006, Choi et al. 2009). In this paper, we show a simple twist on the Kurosawa-Desmedt KEM turning it into a scheme with IND-CCA security under the decisional Diffie-Hellman assumption. Our KEM beats the standardized version of Cramer-Shoup KEM in ISO/IEC 18033-2 by margins of at least 20% in encapsulation speed, and 20% ~ 60% in decapsulation speed. Moreover, the public and secret key sizes in our schemes are at least 160-bit smaller than those of the Cramer-Shoup KEM. We then generalize the technique into hash proof systems, proposing several KEM schemes with IND-CCA security under decision linear and decisional composite residuosity assumptions respectively. All the KEMs are in the standard model, and use standard, computationally secure symmetric building blocks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
International Organization for Standardization, Genève, Switzerland. ISO/IEC 18033-2:2006, Information technology — Security techniques — Encryption Algorithms — Part 2: Asymmetric Ciphers, Final Committee Draft (2006), http://shoup.net/iso/
Cryptography Research and Evaluation Committees (CRYPTREC). Specifications of ciphers in the Candidate Recommended Ciphers List (March, 2013), http://www.cryptrec.go.jp/english/method.html
Abe, M., Gennaro, R., Kurosawa, K.: Tag-KEM/DEM: A new framework for hybrid encryption. J. Cryptology 21(1), 97–130 (2008)
American National Standards Institute. ANSI X9.44-2007: Key Establishment Using Integer Factorization Cryptography (2007)
Anada, H., Arita, S.: Identification schemes from key encapsulation mechanisms. IEICE Transactions 95-A(7), 1136–1155 (2012)
Baek, J., Galindo, D., Susilo, W., Zhou, J.: Constructing strong KEM from weak KEM (or how to revive the KEM/DEM framework). In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 358–374. Springer, Heidelberg (2008)
Bernstein, D.J.: Pippenger’s exponentiation algorithm (2002), http://cr.yp.to/papers/pippenger.pdf
Boyd, C., Cliff, Y., Nieto, J.M.G., Paterson, K.G.: One-round key exchange in the standard model. IJACT 1(3), 181–199 (2009)
Choi, S.G., Herranz, J., Hofheinz, D., Hwang, J.Y., Kiltz, E., Lee, D.H., Yung, M.: The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. Inf. Process. Lett. 109(16), 897–901 (2009)
Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)
Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM Journal on Computing 33, 167–226 (2001)
Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)
Desmedt, Y., Gennaro, R., Kurosawa, K., Shoup, V.: A new and improved paradigm for hybrid encryption secure against chosen-ciphertext attack. J. Cryptology 23(1), 91–120 (2010)
Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly secure authenticated key exchange from factoring, codes, and lattices. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 467–484. Springer, Heidelberg (2012)
Herranz, J., Hofheinz, D., Kiltz, E.: The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. IACR Cryptology ePrint Archive 2006, 207 (2006)
Hofheinz, D., Kiltz, E.: Secure hybrid encryption from weakened key encapsulation. Cryptology ePrint Archive, Report 2007/288 (2007), http://eprint.iacr.org/ . Full version of a paper at Menezes, A. (ed.): CRYPTO 2007. LNCS, vol. 4622. Springer, Heidelberg (2007)
Kiltz, E.: Chosen-ciphertext secure key-encapsulation based on gap hashed Diffie-Hellman. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 282–297. Springer, Heidelberg (2007)
Krawczyk, H., Paterson, K.G., Wee, H.: On the security of the TLS protocol: A systematic analysis. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 429–448. Springer, Heidelberg (2013)
Kurosawa, K., Desmedt, Y.G.: A new paradigm of hybrid encryption scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)
Kurosawa, K., Phong, L.T.: Kurosawa-Desmedt key encapsulation mechanism, revisited. Cryptology ePrint Archive, Report 2013/765 (2013), http://eprint.iacr.org/ ; Full version of this manuscript
National Institute of Standards and Technology. Recommended elliptic curves for federal government use (1999), http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf
Okamoto, T.: Authenticated key exchange and key encapsulation in the standard model. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 474–484. Springer, Heidelberg (2007) Revised version available at http://eprint.iacr.org/2007/473
Yoneyama, K.: Compact authenticated key exchange from bounded CCA-secure KEM. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 161–178. Springer, Heidelberg (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kurosawa, K., Trieu Phong, L. (2014). Kurosawa-Desmedt Key Encapsulation Mechanism, Revisited. In: Pointcheval, D., Vergnaud, D. (eds) Progress in Cryptology – AFRICACRYPT 2014. AFRICACRYPT 2014. Lecture Notes in Computer Science, vol 8469. Springer, Cham. https://doi.org/10.1007/978-3-319-06734-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-06734-6_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06733-9
Online ISBN: 978-3-319-06734-6
eBook Packages: Computer ScienceComputer Science (R0)