The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure

Seung Geol Choi, Javier Herranz, Dennis Hofheinz, Jung Yeon Hwang, Eike Kiltz, Dong Hoon Lee, Moti Yung

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

At CRYPTO 2004, Kurosawa and Desmedt presented a new hybrid encryption scheme that is chosen-ciphertext (CCA2) secure in the standard model. Until now it was unknown if the key encapsulation part of the Kurosawa-Desmedt scheme by itself is still CCA2-secure or not. In this note we answer this question to the negative, namely we present a simple CCA2 attack on the Kurosawa-Desmedt key encapsulation mechanism. Our attack further supports the design paradigm of Kurosawa and Desmedt to build CCA2-secure hybrid encryption from weak key encapsulation.

Original languageEnglish
Pages (from-to)897-901
Number of pages5
JournalInformation Processing Letters
Volume109
Issue number16
DOIs
Publication statusPublished - 2009 Jul 31

Keywords

  • Cryptography
  • Hybrid encryption
  • Key encapsulation mechanism

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Signal Processing
  • Information Systems
  • Computer Science Applications

Fingerprint Dive into the research topics of 'The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure'. Together they form a unique fingerprint.

  • Cite this

    Choi, S. G., Herranz, J., Hofheinz, D., Hwang, J. Y., Kiltz, E., Lee, D. H., & Yung, M. (2009). The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. Information Processing Letters, 109(16), 897-901. https://doi.org/10.1016/j.ipl.2009.04.007