A Fast and Key-Efficient Reduction of Chosen- Ciphertext to Known-Plaintext Security
Motivated by the quest for reducing assumptions in security proofs in cryptography, this paper is concerned with designing efficient symmetric encryption and authentication schemes based on any weak PseudoRandom Function (PRF) which can be much more efficiently implemented than PRFs. Damgard and Nielsen (CRYPTO '02) have shown how to construct an efficient symmetric encryption scheme based on any weak PRF that is provably secure against chosen-plaintext attacks. The main ingredient is a range-extension construction for weak PRFs. By using well-known techniques, they also showed how their scheme can be made secure against the stronger chosen-ciphertext attacks.