A central question in the theory of public-key cryptography is to determine which minimal assumptions are sufficient to achieve security against chosen-ciphertext attacks (or CCA-security, for short). Following the large body of work on hardness and correctness amplification, we investigate how far we can weaken CCA security and still be able to efficiently transform any scheme satisfying such a weaker notion into a fully CCA-secure one. More concretely, we consider a weak CCA-secure bit-encryption scheme with decryption error (1 - α)/2 where an adversary can distinguish encryptions of different messages with possibly large advantage β < 1 - 1/poly. We show that whenever α2 > β, the weak correctness and security properties can be simultaneously amplified to obtain a fully CCA-secure encryption scheme with negligible decryption error. Our approach relies both on a new hardcore lemma for CCA security as well as on revisiting the recently proposed approach to obtain CCA security due to Hohenberger et al (EUROCRYPT '12). We note that such amplification results were only known in the simpler case of security against chosen-plaintext attacks. © 2013 International Association for Cryptologic Research.
CITATION STYLE
Lin, H., & Tessaro, S. (2013). Amplification of chosen-ciphertext security. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7881 LNCS, pp. 503–519). https://doi.org/10.1007/978-3-642-38348-9_30
Mendeley helps you to discover research relevant for your work.