Pub. online:1 Jan 2012Type:Research ArticleOpen Access
Volume 23, Issue 4 (2012), pp. 537–562
Hwang et al. proposed an ElGamal-like scheme for encrypting large messages, which is more efficient than its predecessor in terms of computational complexity and the amount of data transformation. They declared that the resulting scheme is semantically secure against chosen-plaintext attacks under the assumptions that the decision Diffie–Hellman problem is intractable. Later, Wang et al. pointed out that the security level of Hwang et al.'s ElGamal-like scheme is not equivalent to the original ElGamal scheme and brings about the disadvantage of possible unsuccessful decryption. At the same time, they proposed an improvement on Hwang et al.'s ElGamal-like scheme to repair the weakness and reduce the probability of unsuccessful decryption. However, in this paper, we show that their improved scheme is still insecure against chosen-plaintext attacks whether the system is operated in the quadratic residue modulus or not. Furthermore, we propose a new ElGamal-like scheme to withstand the adaptive chosen-ciphertext attacks. The security of the proposed scheme is based solely on the decision Diffie–Hellman problem in the random oracle model.
Pub. online:1 Jan 2010Type:Research ArticleOpen Access
Volume 21, Issue 3 (2010), pp. 307–319
A Group-Oriented Cryptosystem (GOC) allows a sender to encrypt a message sent to a group of users so only the specified sets of users in that group can cooperatively decrypt the message. Recently, Li et al. pointed out unauthorized sets in the receiving group can recover the encrypted messages in Yang et al.'s GOC; and they further repaired this security flaw. However, the improved GOC contains inexact security analysis. Further, conversion of the scheme into a threshold cryptosystem results in inefficiency. This study enhances Li et al.'s GOC, both in that it achieves the requirements of GOC but also that it can be efficiently converted into a threshold cryptosystem. Under the decisional Diffie–Hellman problem assumption, the proposed scheme is demonstrated to be provably secure against chosen plaintext attacks.