A New Public-Key Encryption Scheme

This paper proposes a new public-key encryption scheme which removes one element from the public-key tuple of the original Cramer-Shoup scheme. As a result, a ciphertext is not a quadruple but a triple at the cost of a strong assumption, the third version of knowledge of exponent assumption (KEA3). Under assumptions of KEA3, a decision Diffie-Hellman (DDH) and a variant of target collision resistance (TCRv), the new scheme is proved secure against indistinguishable adaptive chosen ciphertext attack (IND-CCA2). This scheme is as efficient as Damgård ElGamal (DEG) scheme when it makes use of a well-known algorithm for product of exponentiations. The DEG scheme is recently proved IND-CCA1 secure by Bellare and Palacio in ASIACRYPT 2004 under another strong assumption. In addition to our IND-CCA2 secured scheme, we also believe that the security proof procedure itself provides a well insight for ElGamal-based encryption schemes which are secure in real world.