NESSIE Submissions

Workshop (12-13 september 2001, Egham, UK)

1. RSA-REACT: an Alternative to RSA-OAEP (.pdf.gz)

Workshop (13-14 november 2000, Leuven, Belgium)

1. EPOC Document
2. PSEC Document
3. GPS Document (.pdf.gz)

The Proposals EPOC and PSEC

• EPOC - Efficient Probabilistic Public-Key Encryption

  by Eiichiro Fujisaki, Tetsutaro Kobayashi, Hikaru Morita, Hiroaki Oguro, Tatsuaki Okamoto, Shigenori Uchiyama, 
  
  from NTT Laboratories, Nippon Telegraph and Telephone  
   
  
  Satomi Okazaki 
  
  from NTT Multimedia Communication Laboratories, Inc.  
   
  
  and David Pointcheval 
  
  from Ecole Normale Superieure  
   
  
  This first family (which includes three versions - EPOC 1, 2 and 3) is based on the Okamoto-Uchiyama trapdoor discrete logarithm [6].  
   
  

• PSEC (Update) - Provably Secure Elliptic Curve Encryption Scheme

  by Eiichiro Fujisaki, Tetsutaro Kobayashi, Hikaru Morita, Hiroaki Oguro, Tatsuaki Okamoto 
  
  from NTT Laboratories, Nippon Telegraph and Telephone  
   
  
  Satomi Okazaki 
  
  from NTT Multimedia Communication Laboratories, Inc.  
   
  
  and David Pointcheval 
  
  from Ecole Normale Superieure  
   
  
  This second family (which includes three versions - PSEC 1, 2 and 3) is based on the El Gamal encryption scheme [1], on elliptic curves.

1. EPOC 1/PSEC 1 - using the Fujisaki-Okamoto (PKC '99) conversion [2]
2. EPOC 2/PSEC 2 - using the Fujisaki-Okamoto (Crypto '99) conversion [3]
3. EPOC 3/PSEC 3 - using the REACT (RSA '2001) conversion [4], based on the Gap-Problems (PKC '2001) [5]

Source Codes and Test Vectors

The Proposal GPS

• GPS - an Asymmetric identification scheme for on the fly authentication of low cost smart cards

  by Olivier Baudron, Fabrice Boudot, Philippe Bourel, Emmanuel Bresson, Johann Corbel,
  Laurent Frisch, Henri Gilbert, Marc Girault, Louis Goubin, Jean-François Misarsky,
  Phong Nguyen, Jacques Patarin, David Pointcheval, Guillaume Poupard, Jacques Stern and Jacques Traoré  
   
  
  This proposal is based on the "on the fly" Authentication and Signature Generation paper [7]

References

1. T. El Gamal. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms.
   IEEE Transactions on Information Theory, IT--31(4):469--472, July 1985.
2. E. Fujisaki and T. Okamoto. How to enhance the security of public-key encryption at minimum cost.
   IEICE Transaction of Fundamentals of electronic Communications and Computer Science, E83-A(1):24--32, January 2000.
3. E. Fujisaki and T. Okamoto. Secure Integration of Asymmetric and Symmetric Encryption Schemes.
   In Crypto '99, LNCS 1666, pages 537-554. Springer-Verlag, Berlin, 1999.
4. T. Okamoto and D. Pointcheval. REACT: Rapid Enhanced-security Asymmetric Cryptosystem Transform.
   In the Cryptographers' Track of the RSA Security Conference '2001, LNCS. Springer-Verlag, Berlin, 2001.
   This paper is also known as OCAC or BEST.
5. T. Okamoto and D. Pointcheval. The Gap-Problems: a New Class of Problems for the Security of Cryptographic Schemes.
   In Proceedings of the 2001 International Workshop on Practice and Theory in Public Key Cryptography (PKC'2001), LNCS. Springer-Verlag, Berlin, 2001.
6. T. Okamoto and S. Uchiyama. A New Public Key Cryptosystem as Secure as Factoring.
   In Eurocrypt '98, LNCS 1403, pages 308-318. Springer-Verlag, Berlin, 1998.
7. G. Poupard and J. Stern. Security Analysis of a Practical "on the fly" Authentication and Signature Generation.
   In Eurocrypt '98, LNCS 1403, pages 422-436. Springer-Verlag, Berlin, 1998.