We revisit the construction of IND-CCA secure key encapsulation mechanisms (KEM) from public-key encryption schemes (PKE). We give new, tighter security reductions for several constructions. Our main result is an improved reduction for the security of the (formula presented)-transform of Hofheinz, Hövelmanns, and Kiltz (TCC’17) which turns OW-CPA secure deterministic PKEs into IND-CCA secure KEMs. This result is enabled by a new one-way to hiding (O2H) lemma which gives a tighter bound than previous O2H lemmas in certain settings and might be of independent interest. We extend this result also to the case of PKEs with non-zero decryption failure probability and non-deterministic PKEs. However, we assume that the derandomized PKE is injectiv...
The development of increasingly sophisticated quantum computers poses a long-term threat to current ...
We formalize the notion of a constrained linear trapdoor as an abstract strategy for the generation ...
Abstract. Assuming the existence of an indistinguishability obfuscator (iO), we show that a number o...
We revisit the construction of IND-CCA secure key encapsulation mechanisms (KEM) from public-key enc...
We revisit the construction of IND-CCA secure key encapsulation mechanisms (KEM) from public-key enc...
Key-encapsulation mechanisms secure against chosen ciphertext attacks (IND-CCA-secure KEMs) in the q...
With the gradual progress of NIST\u27s post-quantum cryptography standardization, the Round-1 KEM pr...
Abstract. While the hybrid public key encryption scheme of Kurosawa and Desmedt (CRYPTO 2004) is pro...
We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the...
We provide a tight security proof for an IND-CCA Ring-LWE based Key Encapsulation Mechanism that is ...
Abstract. We study simulation-based, selective opening security against chosen-ciphertext attacks (S...
The One-Way to Hiding (O2H) Lemma is a central component of proofs of chosen-ciphertext attack (CCA)...
In the quantum random oracle model, despite intensive recent research efforts, we are still lacking ...
Proxy re-encryption (PRE) is a highly useful cryptographic primitive whereby Alice and Bob can endow...
Bounded IND-CCA security (IND-qCCA) is a notion similar to the traditional IND-CCA security, except ...
The development of increasingly sophisticated quantum computers poses a long-term threat to current ...
We formalize the notion of a constrained linear trapdoor as an abstract strategy for the generation ...
Abstract. Assuming the existence of an indistinguishability obfuscator (iO), we show that a number o...
We revisit the construction of IND-CCA secure key encapsulation mechanisms (KEM) from public-key enc...
We revisit the construction of IND-CCA secure key encapsulation mechanisms (KEM) from public-key enc...
Key-encapsulation mechanisms secure against chosen ciphertext attacks (IND-CCA-secure KEMs) in the q...
With the gradual progress of NIST\u27s post-quantum cryptography standardization, the Round-1 KEM pr...
Abstract. While the hybrid public key encryption scheme of Kurosawa and Desmedt (CRYPTO 2004) is pro...
We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the...
We provide a tight security proof for an IND-CCA Ring-LWE based Key Encapsulation Mechanism that is ...
Abstract. We study simulation-based, selective opening security against chosen-ciphertext attacks (S...
The One-Way to Hiding (O2H) Lemma is a central component of proofs of chosen-ciphertext attack (CCA)...
In the quantum random oracle model, despite intensive recent research efforts, we are still lacking ...
Proxy re-encryption (PRE) is a highly useful cryptographic primitive whereby Alice and Bob can endow...
Bounded IND-CCA security (IND-qCCA) is a notion similar to the traditional IND-CCA security, except ...
The development of increasingly sophisticated quantum computers poses a long-term threat to current ...
We formalize the notion of a constrained linear trapdoor as an abstract strategy for the generation ...
Abstract. Assuming the existence of an indistinguishability obfuscator (iO), we show that a number o...