Plaintext Awareness via Key Registration

  • Jonathan Herzog
  • Moses Liskov
  • Silvio Micali
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2729)


In this paper, we reconsider the notion of plaintext awareness. We present a new model for plaintext-aware encryption that is both natural and useful. We achieve plaintext-aware encryption without random oracles by using a third party. However, we do not need to trust the third party: even when the third party is dishonest, we still guarantee security against adaptive chosen ciphertext attacks. We show a construction that achieves this definition under general assumptions. We further motivate this achievement by showing an important and natural application: giving additional real-world meaningfulness to the Dolev-Yao model.


Encryption Scheme Random Oracle Parse Tree Registration Authority Adaptive Choose Ciphertext Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Bellare, M., Rogaway, P.: Optimal asymmetric encryption– how to encrypt with RSA. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998), Full version found at
  3. 3.
    Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosenciphertext security. In: Proceedings of 40th Annual IEEE Symposium on Foundations of Computer Science (FOCS), pp. 543–553 (1999)Google Scholar
  5. 5.
    Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosenciphertext attacks. In: 22nd Annual ACM Symposium on Theory of Computing, pp. 427–437 (1990)Google Scholar
  6. 6.
    Rackoff, C., Simon, D.: Noninteractive zero-knowledge proof of knowledge and the chosen-ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)Google Scholar
  7. 7.
    Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Transactions on Information Theory 29, 198–208 (1983)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Lowe, G.: Breaking and fixing the Needham–Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)Google Scholar
  9. 9.
    Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal of Computer Security 6, 85–128 (1998)Google Scholar
  10. 10.
    Song, D.: Athena, an automatic checker for security protocol analysis. In: Proceedings of the 12th IEEE Computer Security Foundations Workshop, pp. 192–202 (1999)Google Scholar
  11. 11.
    Goldwasser, S., Micali, S., Rackoff, C.: The knowedge complexity of interactive proof systems. In: Proceedings of the 17th ACM Symposium on Theory of Computing, pp. 291–304 (1985); Superseded by journal versionGoogle Scholar
  12. 12.
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero knowledge proof systems and applications. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, pp. 103–112 (1988)Google Scholar
  13. 13.
    Santis, A.D., Micali, S., Persiano, G.: Non-interactive zero-knowledge proof systems. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 52–72. Springer, Heidelberg (1988)Google Scholar
  14. 14.
    Blum, M., Santis, A.D., Micali, S., Persiano, G.: Noninteractive zero knowledge. SIAM Journal on Computing 20, 1084–1118 (1991)Google Scholar
  15. 15.
    Boyar, J., Damgård, I., Peralta, R.: Short non-interactive cryptographic proofs. Journal of Cryptology: the journal of the International Association for Cryptologic Research 13, 449–472 (2000)Google Scholar
  16. 16.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences, 270–299 (1984)Google Scholar
  17. 17.
    Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)Google Scholar
  18. 18.
    Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM 38, 691–729 (1991)Google Scholar
  19. 19.
    Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). In: Watanabe, O., Hagiya, M., Ito, T., van Leeuwen, J., Mosses, P.D. (eds.) TCS 2000. LNCS, vol. 1872, pp. 3–22. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  20. 20.
    Herzog, J.: Computational soundness for formal adversaries. Master’s thesis, Massachusetts Institute of Technology (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Jonathan Herzog
    • 1
  • Moses Liskov
    • 1
  • Silvio Micali
    • 1
  1. 1.MIT Laboratory for Computer Science 

Personalised recommendations