Chosen Ciphertext Security from Trapdoor Functions

Brent Waters


Public key encryption is one of the fundamental pillars of cryptography and secure communication. Any encryption system that we would consider deploying or standardizing should be secure against "chosen ciphertext attacks". This gives security against an active attacker that interacts with a private key holder.

While the community has been successful in developing chosen ciphertext secure systems from specific number theoretic assumptions. Relatively, little is known about constructing these systems from more general and less structured assumptions. In this talk, I'll present a a construction of chosen ciphertext secure public-key encryption from (injective) trapdoor functions. Our construction is black box and assumes no special properties (e.g. ``lossy'', ``correlated product secure'') of the trapdoor function solving a long standing open problem. The work was given the best paper award at the CRYPTO 2020 conference.

Time and Place

Tuesday, October 13, 2:30pm