@inbook{29204372fd724b10a1a5c0e02cbd0397,
title = "Chosen-ciphertext security without redundancy",
abstract = "We propose asymmetric encryption schemes for which all ciphertexts are valid (which means here {"}reachable{"}: the encryption function is not only a probabilistic injection, but also a surjection). We thus introduce the Full-Domain Permutation encryption scheme which uses a random permutation. This is the first IND-CCA cryptosystem based on any trapdoor one-way permutation without redundancy, and more interestingly, the bandwidth is optimal: the ciphertext is over k more bits only than the plaintext, where 2-k is the expected security level. Thereafter, we apply it into the random oracle model by instantiating the random permutation with a Feistel network construction, and thus using OAEP. Unfortunately, the usual 2-round OAEP does not seem to be provably secure, but a 3-round can be proved IND-CCA even without the usual redundancy m∥0k1, under the partial-domain one-wayness of any trapdoor permutation. Although the bandwidth is not as good as in the random permutation model, absence of redundancy is quite new and interesting: many implementation risks are ruled out.",
author = "Phan, \{Duong Hieu\} and David Pointcheval",
year = "2003",
month = jan,
day = "1",
doi = "10.1007/978-3-540-40061-5\_1",
language = "English",
isbn = "3540205926",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "1--18",
editor = "Laih, \{Chi Sung\}",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
}