Security
The security of the ElGamal scheme depends on the properties of the underlying group as well as any padding scheme used on the messages.
If the computational Diffie–Hellman assumption holds in the underlying cyclic group, then the encryption function is one-way.
If the decisional Diffie–Hellman assumption (DDH) holds in, then ElGamal achieves semantic security. Semantic security is not implied by the computational Diffie–Hellman assumption alone. See decisional Diffie–Hellman assumption for a discussion of groups where the assumption is believed to hold.
ElGamal encryption is unconditionally malleable, and therefore is not secure under chosen ciphertext attack. For example, given an encryption of some (possibly unknown) message, one can easily construct a valid encryption of the message .
To achieve chosen-ciphertext security, the scheme must be further modified, or an appropriate padding scheme must be used. Depending on the modification, the DDH assumption may or may not be necessary.
Other schemes related to ElGamal which achieve security against chosen ciphertext attacks have also been proposed. The Cramer–Shoup cryptosystem is secure under chosen ciphertext attack assuming DDH holds for . Its proof does not use the random oracle model. Another proposed scheme is DHAES, whose proof requires an assumption that is weaker than the DDH assumption.
Read more about this topic: ElGamal Encryption
Famous quotes containing the word security:
“Is a Bill of Rights a security for [religious liberty]? If there were but one sect in America, a Bill of Rights would be a small protection for liberty.... Freedom derives from a multiplicity of sects, which pervade America, and which is the best and only security for religious liberty in any society. For where there is such a variety of sects, there cannot be a majority of any one sect to oppress and persecute the rest.”
—James Madison (1751–1836)
“When kindness has left people, even for a few moments, we become afraid of them as if their reason had left them. When it has left a place where we have always found it, it is like shipwreck; we drop from security into something malevolent and bottomless.”
—Willa Cather (1876–1947)
“A well-regulated militia being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.”
—Second Amendment, U.S. Constitution (1791)