TY - JOUR
T1 - Tight Security of Twin-DH Hashed ElGamal KEM in Multi-User Setting
AU - Hashimoto, Yuji
AU - Nuida, Koji
AU - Hanaoka, Goichiro
N1 - Publisher Copyright:
Copyright © 2022 The Institute of Electronics, Information and Communication Engineers.
PY - 2022/3
Y1 - 2022/3
N2 - It is an important research area to construct a cryptosystem that satisfies the security for multi-user setting. In addition, it is desirable that such a cryptosystem is tightly secure and the ciphertext size is small. For IND-CCA public key encryption schemes for multi-user setting with constant-size ciphertexts tightly secure under the DH assumptions, in 2020, Y. Sakai and G. Hanaoka firstly proposed such a scheme (implicitly based on hybrid encryption paradigm) under the DDH assumption. More recently, Y. Lee et al. proposed such a hybrid encryption scheme (with slightly stronger security) where the assumption for the KEM part is weakened to the CDH assumption. In this paper, we revisit the twin-DH hashed ElGamal KEM with even shorter ciphertexts than those schemes, and prove that its IND-CCA security for multi-user setting is in fact tightly reducible to the CDH assumption.
AB - It is an important research area to construct a cryptosystem that satisfies the security for multi-user setting. In addition, it is desirable that such a cryptosystem is tightly secure and the ciphertext size is small. For IND-CCA public key encryption schemes for multi-user setting with constant-size ciphertexts tightly secure under the DH assumptions, in 2020, Y. Sakai and G. Hanaoka firstly proposed such a scheme (implicitly based on hybrid encryption paradigm) under the DDH assumption. More recently, Y. Lee et al. proposed such a hybrid encryption scheme (with slightly stronger security) where the assumption for the KEM part is weakened to the CDH assumption. In this paper, we revisit the twin-DH hashed ElGamal KEM with even shorter ciphertexts than those schemes, and prove that its IND-CCA security for multi-user setting is in fact tightly reducible to the CDH assumption.
UR - http://www.scopus.com/inward/record.url?scp=85149141212&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85149141212&partnerID=8YFLogxK
U2 - 10.1587/TRANSFUN.2021CIP0008
DO - 10.1587/TRANSFUN.2021CIP0008
M3 - Article
AN - SCOPUS:85149141212
SN - 0916-8508
VL - E105A
SP - 173
EP - 181
JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
IS - 3
ER -