The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

Seung Geol Choi, Javier Herranz, Dennis Hofheinz, Jung Yeon Hwang, Eike Kiltz, Dong Hoon Lee, Moti Yung

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.

Original languageEnglish
Pages (from-to)897-901
Number of pages5
JournalInformation Processing Letters
Volume109
Issue number16
DOIs
Publication statusPublished - 2009 Jul 31

Fingerprint

Encapsulation
Encryption
Cryptography
Attack
Standard Model
Paradigm
Unknown

Keywords

  • Cryptography
  • Hybrid encryption
  • Key encapsulation mechanism

ASJC Scopus subject areas

  • Information Systems
  • Computer Science Applications
  • Signal Processing
  • Theoretical Computer Science

Cite this

Choi, S. G., Herranz, J., Hofheinz, D., Hwang, J. Y., Kiltz, E., Lee, D. H., & Yung, M. (2009). The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. Information Processing Letters, 109(16), 897-901. https://doi.org/10.1016/j.ipl.2009.04.007

The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. / Choi, Seung Geol; Herranz, Javier; Hofheinz, Dennis; Hwang, Jung Yeon; Kiltz, Eike; Lee, Dong Hoon; Yung, Moti.

In: Information Processing Letters, Vol. 109, No. 16, 31.07.2009, p. 897-901.

Research output: Contribution to journalArticle

Choi, SG, Herranz, J, Hofheinz, D, Hwang, JY, Kiltz, E, Lee, DH & Yung, M 2009, 'The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure', Information Processing Letters, vol. 109, no. 16, pp. 897-901. https://doi.org/10.1016/j.ipl.2009.04.007
Choi, Seung Geol ; Herranz, Javier ; Hofheinz, Dennis ; Hwang, Jung Yeon ; Kiltz, Eike ; Lee, Dong Hoon ; Yung, Moti. / The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. In: Information Processing Letters. 2009 ; Vol. 109, No. 16. pp. 897-901.
@article{4c3b4fa65ca340fba4c3d87494e3669e,
title = "The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure",
abstract = "At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.",
keywords = "Cryptography, Hybrid encryption, Key encapsulation mechanism",
author = "Choi, {Seung Geol} and Javier Herranz and Dennis Hofheinz and Hwang, {Jung Yeon} and Eike Kiltz and Lee, {Dong Hoon} and Moti Yung",
year = "2009",
month = "7",
day = "31",
doi = "10.1016/j.ipl.2009.04.007",
language = "English",
volume = "109",
pages = "897--901",
journal = "Information Processing Letters",
issn = "0020-0190",
publisher = "Elsevier",
number = "16",

}

TY - JOUR

T1 - The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

AU - Choi, Seung Geol

AU - Herranz, Javier

AU - Hofheinz, Dennis

AU - Hwang, Jung Yeon

AU - Kiltz, Eike

AU - Lee, Dong Hoon

AU - Yung, Moti

PY - 2009/7/31

Y1 - 2009/7/31

N2 - At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.

AB - At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.

KW - Cryptography

KW - Hybrid encryption

KW - Key encapsulation mechanism

UR - http://www.scopus.com/inward/record.url?scp=67649372669&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67649372669&partnerID=8YFLogxK

U2 - 10.1016/j.ipl.2009.04.007

DO - 10.1016/j.ipl.2009.04.007

M3 - Article

AN - SCOPUS:67649372669

VL - 109

SP - 897

EP - 901

JO - Information Processing Letters

JF - Information Processing Letters

SN - 0020-0190

IS - 16

ER -