Cryptanalysis on an Improved Version of ElGamal-Like Public-Key Encryption Scheme for Encrypting Large Messages

摘要

Hwang et al. proposed an ElGamal-like scheme for encrypting large messages, which is more efficient than its predecessor in terms of computational complexity and the amount of data transformation. They declared that the resulting scheme is semantically secure against chosen-plaintext attacks under the assumptions that the decision Diffie-Hellman problem is intractable. Later, Wang et al. pointed out that the security level of Hwang et al. 's ElGamal-like scheme is not equivalent to the original ElGamal scheme and brings about the disadvantage of possible unsuccessful decryption. At the same time, they proposed an improvement on Hwang et al.'s ElGamal-like scheme to repair the weakness and reduce the probability of unsuccessful decryption. However, in this paper, we show that their improved scheme is still insecure against chosen-plaintext attacks whether the system is operated in the quadratic residue modulus or not. Furthermore, we propose a new ElGamal-like scheme to withstand the adaptive chosen-ciphertext attacks. The security of the proposed scheme is based solely on the decision Diffie-Hellman problem in the random oracle model.%Hwang ir Kt. pasiūl? bluamal 10 tipo schem?, skirt? dideles apimties prane?imams ?itruoti, kuri yra efektyvesn? skai?iavimo sud?tingumo ir duomen? transformacij? kiekio prasm?mis. Jie teig?, kad schema yra saugi pasirinkto atvirojo teksto atakoms esant prielaidai, kad Diffie-Helman'o problema yra nei?sprend?iama. V?liau Wang ir kt. parod?, kad Hvvang'o schemos sauga n?ra pakankama ir galimi nes?kmingo de?ifravimo atvejai. Be to jie patobulino Hvvang ir kt. schem? padidindami jos saugum? ir suma?indami nes?kmingo de?ifravimo galimyb?. ?iame straipsnyje parodyta, kad j? schema yra vis dar nesaugi nuo pasirinkto teksto atak?. Taip pat pasiūlyta nauja ElGamal'io tipo schema, atspari pasirinkto teksto atakoms.