Abstract
At TCC 2005, Backes and Cachin proposed a new and very strong notion of security for public key steganography: secrecy against adaptive chosen covertext attack (SS-CCA); and posed the question of whether SS-CCA security was achievable for any covertext channel. We resolve this question in the affirmative: SS-CCA security is possible for any channel that admits a secure stegosystem against the standard and weaker "chosen hiddentext attack" in the standard model of computation. Our construction requires a public-key encryption scheme with ciphertexts that remain indistinguishable from random bits under adaptive chosen-ciphertext attack. We show that a scheme with this property can be constructed under the Decisional Diffie-Hellman assumption. This encryption scheme, which modifies a scheme proposed by Kurosawa and Desmedt, also resolves an open question posed by von Ahn and Hopper at Eurocrypt 2004.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 311-323 |
| Number of pages | 13 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3580 |
| DOIs | |
| State | Published - 2005 |
| Event | 32nd International Colloquium on Automata, Languages and Programming, ICALP 2005 - Lisbon, Portugal Duration: Jul 11 2005 → Jul 15 2005 |