| 摘要 |
A variant of the El-Gamal public key encryption scheme is disclosed which is provably secure against an adaptively chosen ciphertext adversary using standard public key cryptography assumptions i.e. non the random oracle (RO) model. This scheme has roughly half the computational overhead and similar communication overhead as the scheme by Cramer-Shoup (CS). One embodiment describes a public key encryption scheme using a public key, h, and private key, z, wherein a message 14 is encrypted within a ciphertext 16 which is formed at least in part by a product of a variable, e , based on the public key, h, and an output of an invertible deterministic method, f , operated on the message, m, and a hash, H, of at least the message. The variable e may be based on the public key, h, raised to the power of a random number, r. Another embodiment describes decryption of an encrypted message by decrypting with at most two exponentiations including an exponentiation using the private key, z. A further embodiment describes an encryption/decryption method in which the public key requires no more than three group elements and a private key requires no more than one group element whilst still providing a provably secure method.
|
