Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Herzberg, Amir
Affiliations: Computer Science Department, Bar Ilan University, Ramat Gan, Israel. E-mail: herzbea@cs.biu.ac.il; URL: http://AmirHerzberg.com
Abstract: Cryptographic schemes are often designed as a combination of multiple component cryptographic modules. Such a combiner design is robust for a (security) specification if it meets the specification, provided that a sufficient subset of the components meet their specifications. A folklore combiner for encryption is cascade, i.e. Ee″″(Ee′′(m)). We show that cascade is a robust combiner for cryptosystems, under three important indistinguishability specifications: chosen plaintext attack (IND-CPA), non-adaptive chosen ciphertext attack (IND-CCA1), and replayable chosen ciphertext attack (IND-rCCA). We also show that cascade is not robust for the important specifications adaptive CCA (IND-CCA2) and generalized CCA (IND-gCCA). The IND-rCCA and IND-gCCA specifications are closely related, and this is an interesting difference between them. All specifications are defined within. We also analyze few other basic and folklore combiners. In particular, we show that the following are robust combiners: the parallel combiner f(x)=f″(x)‖f′(x) for one-way functions, the XOR-input combiner c=(Ee″″(m⊕r),Ee′′(r)) for cryptosystems, and the copy combiner fk″,k′(m)=fk″″(m)‖fk′′(m) for integrity tasks such as Message Authentication Codes (MAC) and signature schemes. Cascade is also robust for the hiding property of commitment schemes, and the copy combiner is robust for the binding property, but neither is a robust combiner for both properties. We present (new) robust combiners for commitment schemes; these new combiners can be viewed as a composition of the cascade and the copy combiners. Our combiners are simple, efficient and practical.
Keywords: Applied cryptography, robust combiners, foundations of cryptography, encryption schemes, cascade ciphers, hash functions, commitment schemes
DOI: 10.3233/JCS-2009-0336
Journal: Journal of Computer Security, vol. 17, no. 2, pp. 159-189, 2009
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl