Abstract | ||
---|---|---|
In this paper, we formally prove that padding the plaintext with a random bit-string provides the semantic security against chosen plaintext attack (IND-CPA) for the McEliece (and its dual, the Niederreiter) cryptosystems under the standard assumptions. Such padding has recently been used by Suzuki, Kobara and Imai in the context of RFID security. Our proof relies on the technical result by Katz and Shin from Eurocrypt '05 showing "pseudorandomness" implied by the learning parity with noise (LPN) problem. We do not need the random oracles as opposed to the known generic constructions which, on the other hand, provide a stronger protection as compared to our scheme--against (adaptive) chosen ciphertext attack, i.e., IND-CCA(2). In order to show that the padded version of the cryptosystem remains practical, we provide some estimates for suitable key sizes together with corresponding workload required for successful attack. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/s10623-008-9175-9 | Des. Codes Cryptography |
Keywords | Field | DocType |
random oracle, chosen ciphertext attack, standard model, semantic security, McEliece cryptosystem | Semantic security, Cramer–Shoup cryptosystem, Ciphertext indistinguishability, Goldwasser–Micali cryptosystem, Plaintext-aware encryption, Theoretical computer science, McEliece cryptosystem, Mathematics, Plaintext, Niederreiter cryptosystem | Journal |
Volume | Issue | ISSN |
49 | 1-3 | 0925-1022 |
Citations | PageRank | References |
47 | 1.63 | 22 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ryo Nojima | 1 | 101 | 8.53 |
Hideki Imai | 2 | 615 | 43.56 |
Kazukuni Kobara | 3 | 387 | 47.00 |
Kirill Morozov | 4 | 204 | 19.18 |