A CCA Secure Hybrid Damgård's ElGamal Encryption
Yvo Desmedt, Helger Lipmaa and Duong Hieu Phan
Abstract:
In 1991, Damgård proposed a simple public-key cryptosystem that
he proved CCA1-secure under the Diffie-Hellman Knowledge assumption.
Only in 2006, Gjøsteen proved its CCA1-security under a more standard
but still new and strong assumption. The known CCA2-secure public-key
cryptosystems are considerably more complicated. We propose a hybrid variant
of Damgård's public-key cryptosystem and show that it is CCA1-secure if the
used symmetric cryptosystem is CPA-secure, the used MAC is unforgeable,
the used key-derivation function is secure, and the underlying group is a DDH
group. The new cryptosystem is the most efficient known CCA1-secure hybrid
cryptosystem based on standard assumptions.
Ref: Proceeding of CANS '08, Lecture Notes in Computer Science Vol. 5339, pages 18-30, Springer-Verlag, 2008.
Available: pdf.