** Authors:** Mihir Bellare, Anand Desai, David Pointcheval and Phillip Rogaway

** Reference:**
* Advances in Cryptology - CRYPTO '98*,
Lecture Notes in Computer Science, Vol. 1462, H. Krawczyk, ed.,
Springer-Verlag, 1998.

** Abstract: **
We compare the relative strengths of popular notions of
security for public key encryption schemes. We consider the goals of
privacy and non-malleability, each under chosen-plaintext attack
and two kinds of chosen-ciphertext attack. For each of the resulting pairs of
definitions we prove either an implication (every scheme meeting one notion
must meet the other) or a separation (there is a scheme meeting one notion but
not the other, assuming the first notion can be met at all). We similarly
treat plaintext awareness, a notion of security in the random oracle model. An
additional contribution of this paper is a new definition of non-malleability
which we believe is simpler than the previous one.

Full version available in PDF or PostScript.

Rogaway's home page.