We construct a public-key encryption (PKE) scheme whose security is polynomial-time equivalent to the hardness of the Subset Sum problem. Our scheme achieves the standard notion of indistinguishability against chosen-ciphertext attacks (IND-CCA) and can be used to encrypt messages of arbitrary polynomial length, improving upon a previous construction by Lyubashevsky, Palacio, and Segev (TCC 2010) which achieved only the weaker notion of semantic security (IND-CPA) and whose concrete security decreases with the length of the message being encrypted. At the core of our construction is a trapdoor technique which originates in the work of Micciancio and Peikert (Eurocrypt 2012)
Chosen-ciphertext security from subset sum / Faust, Sebastian; Masny, Daniel; Venturi, Daniele. - 9614:(2016), pp. 35-46. (Intervento presentato al convegno 19th IACR International Conference on Practice and Theory in Public-Key Cryptography, PKC 2016 tenutosi a Taipei, Taiwan, March 6-9, 2016, ... nel 2016) [10.1007/978-3-662-49384-7_2].
Chosen-ciphertext security from subset sum
VENTURI, DANIELE
2016
Abstract
We construct a public-key encryption (PKE) scheme whose security is polynomial-time equivalent to the hardness of the Subset Sum problem. Our scheme achieves the standard notion of indistinguishability against chosen-ciphertext attacks (IND-CCA) and can be used to encrypt messages of arbitrary polynomial length, improving upon a previous construction by Lyubashevsky, Palacio, and Segev (TCC 2010) which achieved only the weaker notion of semantic security (IND-CPA) and whose concrete security decreases with the length of the message being encrypted. At the core of our construction is a trapdoor technique which originates in the work of Micciancio and Peikert (Eurocrypt 2012)File | Dimensione | Formato | |
---|---|---|---|
Venturi_chosen_2016.pdf
accesso aperto
Note: Full version
Tipologia:
Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
344.38 kB
Formato
Adobe PDF
|
344.38 kB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.