Efficient key dependent message security amplification against chosen ciphertext attacks

Abstract

Applebaum (EUROCRYPT 2011) showed how to convert a public key encryption (PKE) scheme which is key dependent message (KDM) secure with respect to projection functions (also called projection- KDM secure) to a scheme which is KDM secure with respect to functions computable by polynomially bounded-size circuits (also called bounded- KDM secure). This result holds in both of the chosen plaintext attack (CPA) setting and the chosen ciphertext attack (CCA) setting. Bellare et al. (CCS 2012) later showed another conversion from a projection-KDM secure scheme to a bounded-KDM secure one, which is more efficient than Applebaum’s, but works only in the CPA setting. In this work, we show an efficient conversion from a projection-KDM-CCA secure PKE scheme to a bounded-KDM-CCA secure PKE scheme. To see that our conversion leads to more efficient bounded-KDM-CCA secure schemes than Applebaum’s, we show that by combining our result with several known results, we can obtain currently the most efficient bounded-KDM-CCA secure PKE scheme based on the symmetric external Diffie-Hellman (SXDH) assumption.