Hybrid Encryption in the Multi-User Setting
This paper presents an attack in the multi-user setting on various publickey encryption schemes standardized in IEEE 1363a, SECG SEC 1 and ISO 18033-2. The multi-user setting is a security model proposed by Bellare et al., which allows adversaries to simultaneously attack multiple ciphertexts created by one or more users. An attack is considered successful if the attacker learns information about any of the plaintexts. The authors show that many standardized public-key encryption schemes are vulnerable in this model, and give ways to prevent the attack.