Sponge-based CCA2 secure asymmetric encryption for arbitrary length message (extended version)
by Tarun Kumar Bansal; Donghoon Chang; Somitra Kumar Sanadhya
International Journal of Applied Cryptography (IJACT), Vol. 3, No. 3, 2017

Abstract: OAEP and other similar schemes, proven secure in random-oracle model, require one or more hash functions with an output size larger than those of the standard hash functions. In this paper, we show that by using the popular Sponge construction in the OAEP framework, we can eliminate the need for such a hash function. We provide a new scheme in the OAEP framework and call our scheme Sponge-based asymmetric encryption padding (SpAEP). The scheme SpAEP is based on two functions: Sponge and SpongeWrap, and requires only standard output sizes proposed and standardised for Sponge functions. Our scheme is CCA2 secure for any trapdoor one-way permutation in the ideal permutation model for arbitrary length messages. Our scheme utilises the versatile Sponge function to enhance the capability and efficiency of the OAEP framework. Prior to this work, the only scheme proven secure in the ideal permutation model was OAEP-3R. However this scheme is not efficient in practice as it utilises a full domain permutation which is hard to find and construct efficiently in practice. Therefore, the author of OAEP-3R provided another version of OAEP-3R but in random oracle model. Our scheme SpAEP utilises the ideal permutation model in a novel manner which makes SpAEP efficient and practical to construct a public key encryption. We also propose a key encapsulation mechanism for hybrid encryption using SpAEP with any trapdoor one-way permutation.

Online publication date: Sun, 03-Sep-2017

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Applied Cryptography (IJACT):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?

Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email subs@inderscience.com