[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

On the security of ElGamal based encryption

  • Conference paper
  • First Online:
Public Key Cryptography (PKC 1998)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1431))

Included in the following conference series:

Abstract

The ElGamal encryption scheme has been proposed several years ago and is one of the few probabilistic encryption schemes. However, its security has never been concretely proven based on clearly understood and accepted primitives. Here we show directly that the decision Diffie-Hellman assumption implies the security of the original ElGamal encryption scheme (with messages from a subgroup) without modification. In addition, we show that the opposite direction holds, i.e., the semantic security of the ElGamal encryption is actually equivalent to the decision Diffie-Hellman problem. We also present an exact analysis of the efficiency of the reduction.

Next we present additions on ElGamal encryption which result in non-malleability under adaptive chosen plaintext attacks. Non-malleability is equivalent to the decision Diffie-Hellman assumption, the existence of a random oracle (in practice a secure hash function) or a trusted beacon (as needed for the Fiat-Shamir argument), and one assumption about the unforgeability of Schnorr signatures. Our proof employs the tool of message awareness.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. D. Beaver. Plausible deniability. In Advances in Cryptology — PraguoCrypt '96 Proceedings, Prague, Czech Republic, 1996.

    Google Scholar 

  2. D. Beaver. Plug and play cryptography. In Advances in Cryptology — CRYPTO '97 Proceedings, LLNCS 1294, Santa Barbara, CA, August 17–21 1997. Springer-Verlag.

    Google Scholar 

  3. E. F. Brickell, D. Gordon, and K. S. McCurley. Fast exponentiation with precomputation. In Advances in Cryptology — Eurocrypt '92, Proceedings (Lecture Notes in Computer Science 658). Springer-Verlag, 1993.

    Google Scholar 

  4. M. Bellare and P. Rogaway. Optimal assymetric encryption — how to encrypt with RSA. In A. De Santis, editor, Advances in Cryptology, Proc. of Eurocrypt '94, (Lecture notes in Computer Science Volume 950), Perugia, Italy, May 9–12 1994. Springer-Verlag.

    Google Scholar 

  5. M. Bellare and P. Rogaway. Minimizing the use of random oracles in authenticated encryption schemes. In ISICS '97, 1997.

    Google Scholar 

  6. R. Canetti. Towards realizing random oracles: Hash functions that hide all partial information. In B. Kaliski, editor, Advances in Cryptology — CRYPTO '97 Proceedings, LLNCS 1294, pages 455–469, Santa Barbara, CA, August 17–21 1997. Springer-Verlag.

    Google Scholar 

  7. R. Cramer and V. Shoup. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack, 1998. Preprint. Available at http://www.cs.wisc.edu/ shoup/papers/.

    Google Scholar 

  8. I. B. Damgård. Towards practical public key systems against chosen ciphertext attacks. In J. Feigenbaum, editor, Advances in Cryptology, Proc. of Crypto '91 (Lecture Notes in Computer Science 576), pages 445–456. Springer-Verlag, 1991.

    Google Scholar 

  9. O. Dolev, C. Dwork, and M. Naor. Non-malleable cryptography. In Proceedings of the 23rd Symposium on Theory of Computing, ACM STOC, 1991.

    Google Scholar 

  10. T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory, 31:469–472, 1985.

    Article  MATH  MathSciNet  Google Scholar 

  11. T. ElGamal, January 1998. Personal communication.

    Google Scholar 

  12. A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. Odlyzko, editor, Advances in Cryptology, Proc. of Crypto '86 (Lecture Notes in Computer Science 263), pages 186–194. Springer-Verlag, 1987. Santa Barbara, CA, August 11–15.

    Google Scholar 

  13. Y. Frankel, Y. Tsiounis, and M. Yung. Indirect discourse proofs: achieving fair off-line e-cash. In Advances in Cryptology, Proc. of Asiacrypt '96 (Lecture Notes in Computer Science 1163), pages 286–300, Kyongju, South Korea, November 3–7 1996. Springer-Verlag, http://yiannis.home.ml.org/pubs.html

    Google Scholar 

  14. S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28(2):270–299, April 1984.

    Article  MathSciNet  Google Scholar 

  15. O. Goldreich. Foundations of cryptography, 1989. Class notes. Available at http://www.wisdom.weizmann.ac.il/people/homepages/oded/ln89.html.

    Google Scholar 

  16. O. Goldreich. A uniform-complexity treatment of encryption and zero-knowledge. Journal of Cryptology, 6(1):21–53, 1993.

    MATH  MathSciNet  Google Scholar 

  17. S. Micali, C. Rackoff, and B. Sloan. The notion of security for probabilistic cryptosystems. SIAM Journal of Computing, 17:412–426, 1988.

    Article  MathSciNet  Google Scholar 

  18. M. Naor and O. Reingold. On the construction of pseudo-random permutations: Luby-Rackoff revisited. In 38th Annual Symp. on Foundations of Computer Science (FOCS), 1997.

    Google Scholar 

  19. M. Naor and M. Yung. Public-key cryptosytems provably secure against chosen ciphertext attack. In Proceedings of the twenty second annual ACM Symp. Theory of Computing, STOC, pages 427–437, May 14–16, 1990.

    Google Scholar 

  20. D. Pointcheval and J. Stern. Security proofs for signature schemes. In U. Maurer, editor, Advances in Cryptology-Eurocrypt '96, pages 387–398, Zaragoza, Spain, May 11–16, 1996. Springer-Verlag.

    Google Scholar 

  21. C. Rackoff and D. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In Advances in Cryptology-Crypto '91 (LLNCS 576), pages 433–444, Santa Barbara, CA, 1992. Springer-Verlag.

    Google Scholar 

  22. C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161–174, 1991.

    Article  MATH  MathSciNet  Google Scholar 

  23. K. Sakurai and H. Shizuya. Relationships among the computational powers of breaking discrete log cryptosystems. Journal of Cryptology, 1998. To appear.

    Google Scholar 

  24. Y. Tsiounis and M. Yung. The semantic security of El Gamal encryption is equivalent to the decision Diffie-Hellman. Technical Report, GTE Laboratories Inc., May 1997.

    Google Scholar 

  25. Y. Zheng. Digital signcryption or how to achieve cost (signature & encryption) ≪ cost(signature) + cost (encryption). In B. Kaliski, editor, Advances in Cryptology-Crypto '97 (Lecture Notes in Computer Science 1294), pages 165–179, Santa Barbara, CA, August 17–21 1997. Springer-Verlag.

    Google Scholar 

  26. Y. Zheng and J. Seberry. Immunizing public key cryptosystems against chosen ciphertext attacks. IEEE Journal on Selected Areas in Communications, 11(5):715–724, June 1993.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Hideki Imai Yuliang Zheng

Rights and permissions

Reprints and permissions

Copyright information

© 1998 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tsiounis, Y., Yung, M. (1998). On the security of ElGamal based encryption. In: Imai, H., Zheng, Y. (eds) Public Key Cryptography. PKC 1998. Lecture Notes in Computer Science, vol 1431. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0054019

Download citation

  • DOI: https://doi.org/10.1007/BFb0054019

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-64693-8

  • Online ISBN: 978-3-540-69105-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics