0
$\begingroup$

Construct a public-key encryption scheme which is CPA secure but not circularly secure, relying only on the existence of public-key encryption schemes.

This is a problem from my cryptography course homework. I tried to modify a given CPA secure public-key encryption scheme, for example to modify the secret key to let the orinigal secret key contained in the encryption of the new key. Sadly none of my attempts work so far.

Improve this question
New contributor
minukesis is a new contributor to this site. Take care in asking for clarification, commenting, and answering. Check out our Code of Conduct.
$\endgroup$
3
  • 2
    $\begingroup$ Which definition of circular security are you working with specifically? $\endgroup$ Commented Nov 27 at 13:04
  • 1
    $\begingroup$ It's standard CPA game with additional information of an encryption of the secret key, i.e., Enc(pk,sk). $\endgroup$ Commented Nov 27 at 13:09
  • $\begingroup$ Ok, then consider that it is possible to (probabilistically) check whether a piece of data you have is a working decryption key matching some encryption key. Now imagine that the encryption algorithm performs this check. What would be the absolutely stupidest thing to do next? $\endgroup$ Commented 2 days ago

0

Reset to default

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.