Information-theoretic Key Encapsulation and its Application to Secure Communication

“…The OWSKA construction uses two universal hash functions h and h ′ for the two tasks. This construction was first proposed in [32] for an iKEM with IND-CEA security for q e encapsulation queries (and no decapsulation queries), and used two strongly universal hash functions, h and h ′ . Construction 1 has the same security properties but uses universal hash families.…”

“…All above works are in public-key setting. KEM/DEM in correlated randomness setting was introduced in [32] where authors considered passive adversaries with access to encapsulation queries, only. We extend this work in a number of ways.…”

“…An IND-q e -CEA secure iKEM allows adversary to query tha encapsulation oracle, and can be used to construct an INDq e -CPA secure hybrid encryption where the adversary has access to encryption queries. The construction slightly modifies the IND-q e -CEA secure iKEM construction in [32] to increase the length of the extracted key, without compromising its security.…”

“…In our construction 1, the randomness s is generated during the initialization and published (or sent to Bob over a public authenticated channel). The CEA secure iKEM protocol construction in [32] however updates both parts of c in each query, which results in higher information leakage from x and shorter length for the final key. In appendix I we have reproduced the protocol in [32] for ease of reference.…”

“…The CEA secure iKEM protocol construction in [32] however updates both parts of c in each query, which results in higher information leakage from x and shorter length for the final key. In appendix I we have reproduced the protocol in [32] for ease of reference.…”

Hybrid Encryption in Correlated Randomness Model

“…The OWSKA construction uses two universal hash functions h and h ′ for the two tasks. This construction was first proposed in [32] for an iKEM with IND-CEA security for q e encapsulation queries (and no decapsulation queries), and used two strongly universal hash functions, h and h ′ . Construction 1 has the same security properties but uses universal hash families.…”

“…All above works are in public-key setting. KEM/DEM in correlated randomness setting was introduced in [32] where authors considered passive adversaries with access to encapsulation queries, only. We extend this work in a number of ways.…”

“…An IND-q e -CEA secure iKEM allows adversary to query tha encapsulation oracle, and can be used to construct an INDq e -CPA secure hybrid encryption where the adversary has access to encryption queries. The construction slightly modifies the IND-q e -CEA secure iKEM construction in [32] to increase the length of the extracted key, without compromising its security.…”

“…In our construction 1, the randomness s is generated during the initialization and published (or sent to Bob over a public authenticated channel). The CEA secure iKEM protocol construction in [32] however updates both parts of c in each query, which results in higher information leakage from x and shorter length for the final key. In appendix I we have reproduced the protocol in [32] for ease of reference.…”

“…The CEA secure iKEM protocol construction in [32] however updates both parts of c in each query, which results in higher information leakage from x and shorter length for the final key. In appendix I we have reproduced the protocol in [32] for ease of reference.…”

Hybrid Encryption in Correlated Randomness Model

Secure Medical Data Sharing Through Blockchain and Decentralized Models