Plaintext-awareness of hybrid encryption

Shaoquan Jiang*, Huaxiong Wang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

8 Citations (Scopus)


We study plaintext awareness for hybrid encryptions. Based on a binary relation R, we define a new notion of PA2 (or R-PA2 for short) and a notion of IND-CCA2 (or R-IND-CCA2 for short) for key encapsulation mechanism (KEM). We define a relation RDEM from the description of data encryption mechanism (DEM). We prove two composition results, which holds with or without (public) random oracles. a. When KEM, with RDEM -PA2 and R DEM -IND-CCA2 security, composes with a one-time pseudorandom and unforgeable (OT-PUE) DEM, the resulting hybrid encryption is PA2 secure. OT-PUE is weak and even unnecessarily passively secure and can be realized by a one-time pad encryption followed by a pseudorandom function. b. If KEM is R DEM -IND-CCA and DEM is passively secure and unforgeable, the hybrid encryption (KEM, DEM) is IND-CCA2 secure. As an application, we show that DHIES, a public key encryption scheme by Abdalla et al. [1] and now in IEEE P1361a and ANSI X.963, is PA2 secure. As another application, we prove that a hash proof system based hybrid encryption is PA2. Consequently, this especially implies that the concrete Kurosawa-Desmedt hybrid encryption (CRYPTO04) is PA2.

Original languageEnglish
Title of host publicationTopics in cryptology - CT-RSA 2010
Subtitle of host publicationthe cryptographers' track at the RSA conference 2010, proceedings
EditorsJosef Pieprzyk
Place of PublicationBerlin; Heidelberg
PublisherSpringer, Springer Nature
Number of pages16
ISBN (Print)3642119247, 9783642119248
Publication statusPublished - 2010
Event10th Cryptographers' Track at the RSA Conference, CT-RSA 2010 - San Francisco, CA, United States
Duration: 1 Mar 20105 Mar 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5985 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349


Other10th Cryptographers' Track at the RSA Conference, CT-RSA 2010
Country/TerritoryUnited States
CitySan Francisco, CA


Dive into the research topics of 'Plaintext-awareness of hybrid encryption'. Together they form a unique fingerprint.

Cite this