Skip to main content
Conference Proceedings

On the CCA1-security of Elgamal and Damgård's Elgamal

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2011) 6584 LNCS 18-35
DOI: 10.1007/978-3-642-21518-6_2
16Citations
Citations of this article
28Readers
Mendeley users who have this article in their library.
Get full text

Abstract

It is known that there exists a reduction from the CCA1-security of Damgård's Elgamal (DEG) cryptosystem to what we call the ddh dsdh assumption. We show that ddhdsdh is unnecessary for DEG-CCA1, while DDH is insufficient for DEG-CCA1. We also show that CCA1-security of the Elgamal cryptosystem is equivalent to another assumption ddhdsdh, while we show that ddhdsdh is insufficient for Elgamal's CCA1-security. Finally, we prove a generic-group model lower bound Ω(2√q) for the hardest considered assumption ddhdsdh, where q is the largest prime factor of the group order. © 2011 Springer-Verlag.

Author supplied keywords

Cite

CITATION STYLE

APA

Lipmaa, H. (2011). On the CCA1-security of Elgamal and Damgård’s Elgamal. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6584 LNCS, pp. 18–35). https://doi.org/10.1007/978-3-642-21518-6_2

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free