For the most compelling applications of threshold cryptosystems, security against chosen ciphertext attack seems to be a requirement. However there appear to be no practical threshold cryptosystems in the literature that are provably chosen-ciphertext secure, even in the idealised random hash function model. The contribution of this paper is to present two very practical threshold cryptosystems, and to prove that they are secure against chosen ciphertext attack in the random hash function model.
By: V. Shoup and R. Gennaro
Published in: Lecture Notes in Computer Science, volume 1403, (no ), pages 1-16 in 1998
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.
Questions about this service can be mailed to reports@us.ibm.com .