On Achieving Chosen Ciphertext Security with Decryption Errors

• Published in: Applied Algebra, Algebraic Algorithms and Error-Correcting Codes pp. 173 - 182
• Main Authors: Cui, Yang, Kobara, Kazukuni, Imai, Hideki
• Format: Book Chapter
• Language: English
• Published: Berlin, Heidelberg Springer Berlin Heidelberg 2006
• Series: Lecture Notes in Computer Science
• Subjects: Decryption Error; Decryption Oracle; Probabilistic Encryption; Random Oracle; Random Oracle Model
• ISBN: 9783540314233; 3540314237
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/11617983_17

Perfect decryption has been always assumed in the research of public key encryption, however, this is not true all the time. For some public key encryption primitives, like NTRU [9] or Ajtai-Dwork [1], the decryption process may not obtain the corresponding message even the encryption and decryption are run correctly. Furthermore, such a kind of decryption errors will lead to some dangerous attacks against the underlying primitive. Another interesting point is that, those primitives are not based on the factoring, nor the discrete log problem which are subject to the Shor’s algorithm [18] with quantum computers. This kind of primitives may be promising in the post-quantum cryptography. Therefore, the decryption errors deserve much attention and should be coped with carefully. In this paper, our main technique is not to use any error-correcting codes to eliminate the errors, but to use some padding (transform) to hide “bad” errors from attacker’s control. We 1) efficiently enhance these error-prone public key encryption primitives to the chosen ciphertext security, even in the presence of the decryption errors, and 2) show that the solution is more generic, rather than some specific padding methods previously presented, to thwart the decryption errors based attacks successfully.