{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2021,3,21]],"date-time":"2021-03-21T20:24:23Z","timestamp":1616358263450},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"URL":"http:\/\/www.springer.com\/tdm","start":{"date-parts":[[2011,12,20]],"date-time":"2011-12-20T00:00:00Z","timestamp":1324339200000},"delay-in-days":0,"content-version":"tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2013,1]]},"DOI":"10.1007\/s00145-011-9115-0","type":"journal-article","created":{"date-parts":[[2011,12,19]],"date-time":"2011-12-19T09:51:14Z","timestamp":1324288274000},"page":"102-118","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["Practical Chosen Ciphertext Secure Encryption from Factoring"],"prefix":"10.1007","volume":"26","author":[{"given":"Dennis","family":"Hofheinz","sequence":"first","affiliation":[]},{"given":"Eike","family":"Kiltz","sequence":"additional","affiliation":[]},{"given":"Victor","family":"Shoup","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2011,12,20]]},"reference":[{"issue":"2","key":"9115_CR1","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1137\/0217013","volume":"17","author":"W. Alexi","year":"1988","unstructured":"W.\u00a0Alexi, B.\u00a0Chor, O.\u00a0Goldreich, C.-P. Schnorr, RSA and Rabin functions: certain parts are as hard as the whole. SIAM J. Comput.\n 17(2), 194\u2013209 (1988)","journal-title":"SIAM J. Comput."},{"key":"9115_CR2","author":"M. Bellare","first-page":"62","year":"1993","unstructured":"M.\u00a0Bellare, P.\u00a0Rogaway, Random oracles are practical: a\u00a0paradigm for designing efficient protocols, in ACM CCS 93: 1st Conference on Computer and Communications Security, ed. by V.\u00a0Ashby (ACM, New York, 1993), pp. 62\u201373","volume-title":"ACM CCS 93: 1st Conference on Computer and Communications Security","DOI":"10.1145\/168588.168596","doi-asserted-by":"publisher"},{"key":"9115_CR3","series-title":"Lecture Notes in Computer Science","first-page":"92","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u201994","author":"M. Bellare","year":"1994","unstructured":"M.\u00a0Bellare, P.\u00a0Rogaway, Optimal asymmetric encryption, in Advances in Cryptology\u2014EUROCRYPT\u201994, ed. by A.\u00a0De Santis. Lecture Notes in Computer Science, vol.\u00a0950 (Springer, Berlin, 1994), pp.\u00a092\u2013111"},{"key":"9115_CR4","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology\u2014CRYPTO\u201998","author":"D. Bleichenbacher","year":"1998","unstructured":"D.\u00a0Bleichenbacher, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, in Advances in Cryptology\u2014CRYPTO\u201998, ed. by H.\u00a0Krawczyk. Lecture Notes in Computer Science, vol.\u00a01462 (Springer, Berlin, 1998), pp.\u00a01\u201312"},{"key":"9115_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/3-540-39568-7_23","volume-title":"Advances in Cryptology\u2014CRYPTO\u201984","author":"M. Blum","year":"1985","unstructured":"M.\u00a0Blum, S.\u00a0Goldwasser, An efficient probabilistic public-key encryption scheme which hides all partial information, in Advances in Cryptology\u2014CRYPTO\u201984, ed. by G.R. Blakley, D.\u00a0Chaum. Lecture Notes in Computer Science, vol.\u00a0196 (Springer, Berlin, 1985), pp.\u00a0289\u2013302"},{"issue":"4","key":"9115_CR6","doi-asserted-by":"publisher","first-page":"850","DOI":"10.1137\/0213053","volume":"13","author":"M. Blum","year":"1984","unstructured":"M.\u00a0Blum, S.\u00a0Micali, How to generate cryptographically strong sequences of pseudorandom bits. SIAM J. Comput.\n 13(4), 850\u2013864 (1984)","journal-title":"SIAM J. Comput."},{"issue":"2","key":"9115_CR7","doi-asserted-by":"publisher","first-page":"364","DOI":"10.1137\/0215025","volume":"15","author":"L. Blum","year":"1986","unstructured":"L.\u00a0Blum, M.\u00a0Blum, M.\u00a0Shub, A simple unpredictable pseudo-random number generator. SIAM J. Comput.\n 15(2), 364\u2013383 (1986)","journal-title":"SIAM J. Comput."},{"key":"9115_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-540-24676-3_14","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2004","author":"D. Boneh","year":"2004","unstructured":"D.\u00a0Boneh, X.\u00a0Boyen, Efficient selective-ID secure identity based encryption without random oracles, in Advances in Cryptology\u2014EUROCRYPT 2004, ed. by C.\u00a0Cachin, J.\u00a0Camenisch. Lecture Notes in Computer Science, vol.\u00a03027 (Springer, Berlin, 2004), pp.\u00a0223\u2013238"},{"issue":"5","key":"9115_CR9","doi-asserted-by":"publisher","first-page":"1301","DOI":"10.1137\/S009753970544713X","volume":"36","author":"D. Boneh","year":"2007","unstructured":"D.\u00a0Boneh, R.\u00a0Canetti, S.\u00a0Halevi, J.\u00a0Katz, Chosen-ciphertext security from identity-based encryption. SIAM J. Comput.\n 36(5), 1301\u20131328 (2007)","journal-title":"SIAM J. Comput."},{"key":"9115_CR10","author":"X. Boyen","first-page":"320","year":"2005","unstructured":"X.\u00a0Boyen, Q.\u00a0Mei, B.\u00a0Waters, Direct chosen ciphertext security from identity-based techniques, in ACM CCS 05: 12th Conference on Computer and Communications Security, ed. by V.\u00a0Atluri, C.\u00a0Meadows, A.\u00a0Juels (ACM, New York, 2005), pp.\u00a0320\u2013329","volume-title":"ACM CCS 05: 12th Conference on Computer and Communications Security","DOI":"10.1145\/1102120.1102162","doi-asserted-by":"publisher"},{"key":"9115_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-540-45146-4_8","volume-title":"Advances in Cryptology\u2014CRYPTO 2003","author":"J. Camenisch","year":"2003","unstructured":"J.\u00a0Camenisch, V.\u00a0Shoup, Practical verifiable encryption and decryption of discrete logarithms, in Advances in Cryptology\u2014CRYPTO 2003, ed. by D.\u00a0Boneh. Lecture Notes in Computer Science, vol.\u00a02729 (Springer, Berlin, 2003), pp.\u00a0126\u2013144"},{"issue":"4","key":"9115_CR12","doi-asserted-by":"publisher","first-page":"557","DOI":"10.1145\/1008731.1008734","volume":"51","author":"R. Canetti","year":"2004","unstructured":"R.\u00a0Canetti, O.\u00a0Goldreich, S.\u00a0Halevi, The random oracle methodology, revisited. J. ACM\n 51(4), 557\u2013594 (2004)","journal-title":"J. ACM"},{"key":"9115_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-540-78967-3_8","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2008","author":"D. Cash","year":"2008","unstructured":"D.\u00a0Cash, E.\u00a0Kiltz, V.\u00a0Shoup, The twin Diffie\u2013Hellman problem and applications, in Advances in Cryptology\u2014EUROCRYPT 2008, ed. by N.P. Smart. Lecture Notes in Computer Science, vol.\u00a04965 (Springer, Berlin, 2008), pp.\u00a0127\u2013145"},{"issue":"4","key":"9115_CR14","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/s00145-009-9041-6","volume":"22","author":"D. Cash","year":"2009","unstructured":"D.\u00a0Cash, E.\u00a0Kiltz, V.\u00a0Shoup, The twin Diffie\u2013Hellman problem and applications. J. Cryptol.\n 22(4), 470\u2013504 (2009)","journal-title":"J. Cryptol."},{"key":"9115_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/3-540-46035-7_4","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2002","author":"R. Cramer","year":"2002","unstructured":"R.\u00a0Cramer, V.\u00a0Shoup, Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in Advances in Cryptology\u2014EUROCRYPT 2002, ed. by L.R. Knudsen. Lecture Notes in Computer Science, vol.\u00a02332 (Springer, Berlin, 2002), pp.\u00a045\u201364"},{"issue":"1","key":"9115_CR16","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1137\/S0097539702403773","volume":"33","author":"R. Cramer","year":"2003","unstructured":"R.\u00a0Cramer, V.\u00a0Shoup, Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput.\n 33(1), 167\u2013226 (2003)","journal-title":"SIAM J. Comput."},{"key":"9115_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1007\/978-3-642-11799-2_10","volume-title":"TCC 2010: 7th Theory of Cryptography Conference","author":"R. Cramer","year":"2010","unstructured":"R.\u00a0Cramer, D.\u00a0Hofheinz, E.\u00a0Kiltz, A twist on the Naor\u2013Yung paradigm and its application to efficient CCA-secure encryption from hard search problems, in TCC 2010: 7th Theory of Cryptography Conference, ed. by D.\u00a0Micciancio. Lecture Notes in Computer Science, vol.\u00a05978 (Springer, Berlin, 2010), pp.\u00a0146\u2013164"},{"issue":"2","key":"9115_CR18","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1137\/S0097539795291562","volume":"30","author":"D. Dolev","year":"2000","unstructured":"D.\u00a0Dolev, C.\u00a0Dwork, M.\u00a0Naor, Nonmalleable cryptography. SIAM J. Comput.\n 30(2), 391\u2013437 (2000)","journal-title":"SIAM J. Comput."},{"issue":"2","key":"9115_CR19","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1007\/s001459910008","volume":"13","author":"R. Fischlin","year":"2000","unstructured":"R.\u00a0Fischlin, C.-P. Schnorr, Stronger security proofs for RSA and Rabin bits. J. Cryptol.\n 13(2), 221\u2013244 (2000)","journal-title":"J. Cryptol."},{"issue":"2","key":"9115_CR20","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1145\/1151414.1151418","volume":"9","author":"R. Gennaro","year":"2006","unstructured":"R.\u00a0Gennaro, Y.\u00a0Lindell, A framework for password-based authenticated key exchange. ACM Trans. Inf. Syst. Secur.\n 9(2), 181\u2013234 (2006)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"9115_CR21","unstructured":"O.\u00a0Goldreich, Basing non-interactive zero-knowledge on (enhanced) trapdoor permutations: the state of the art. Manuscript. Online available at \n http:\/\/www.wisdom.weizmann.ac.il\/~oded\/PSBookFrag\/nizk-tdp.ps\n \n , 2009"},{"key":"9115_CR22","author":"O. Goldreich","first-page":"25","year":"1989","unstructured":"O.\u00a0Goldreich, L.A. Levin, A hard-core predicate for all one-way functions, in 21st Annual ACM Symposium on Theory of Computing (ACM, New York, 1989), pp.\u00a025\u201332","volume-title":"21st Annual ACM Symposium on Theory of Computing"},{"issue":"2","key":"9115_CR23","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S. Goldwasser","year":"1984","unstructured":"S.\u00a0Goldwasser, S.\u00a0Micali, Probabilistic encryption. J. Comput. Syst. Sci.\n 28(2), 270\u2013299 (1984)","journal-title":"J. Comput. Syst. Sci."},{"issue":"2","key":"9115_CR24","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S. Goldwasser","year":"1988","unstructured":"S.\u00a0Goldwasser, S.\u00a0Micali, R.L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput.\n 17(2), 281\u2013308 (1988)","journal-title":"SIAM J. Comput."},{"key":"9115_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1007\/978-3-540-89255-7_19","volume-title":"Advances in Cryptology\u2014ASIACRYPT 2008","author":"G. Hanaoka","year":"2008","unstructured":"G.\u00a0Hanaoka, K.\u00a0Kurosawa, Efficient chosen ciphertext secure public key encryption under the computational Diffie\u2013Hellman assumption, in Advances in Cryptology\u2014ASIACRYPT 2008, ed. by J.\u00a0Pieprzyk. Lecture Notes in Computer Science, vol.\u00a05350 (Springer, Berlin, 2008), pp.\u00a0308\u2013325"},{"key":"9115_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-13013-7_1","volume-title":"PKC 2010: 13th International Conference on Theory and Practice of Public Key Cryptography","author":"K. Haralambiev","year":"2010","unstructured":"K.\u00a0Haralambiev, T.\u00a0Jager, E.\u00a0Kiltz, V.\u00a0Shoup, Simple and efficient public-key encryption from computational Diffie\u2013Hellman in the standard model, in PKC 2010: 13th International Conference on Theory and Practice of Public Key Cryptography, ed. by P.Q. Nguyen, D.\u00a0Pointcheval. Lecture Notes in Computer Science, vol.\u00a06056 (Springer, Berlin, 2010), pp.\u00a01\u201318"},{"key":"9115_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"553","DOI":"10.1007\/978-3-540-74143-5_31","volume-title":"Advances in Cryptology\u2014CRYPTO 2007","author":"D. Hofheinz","year":"2007","unstructured":"D.\u00a0Hofheinz, E.\u00a0Kiltz, Secure hybrid encryption from weakened key encapsulation, in Advances in Cryptology\u2014CRYPTO 2007, ed. by A.\u00a0Menezes. Lecture Notes in Computer Science, vol.\u00a04622 (Springer, Berlin, 2007), pp.\u00a0553\u2013571"},{"key":"9115_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/978-3-642-01001-9_18","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2009","author":"D. Hofheinz","year":"2009","unstructured":"D.\u00a0Hofheinz, E.\u00a0Kiltz, Practical chosen ciphertext secure encryption from factoring, in Advances in Cryptology\u2014EUROCRYPT 2009, ed. by A.\u00a0Joux. Lecture Notes in Computer Science, vol.\u00a05479 (Springer, Berlin, 2009), pp.\u00a0313\u2013332"},{"key":"9115_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"581","DOI":"10.1007\/11681878_30","volume-title":"TCC 2006: 3rd Theory of Cryptography Conference","author":"E. Kiltz","year":"2006","unstructured":"E.\u00a0Kiltz, Chosen-ciphertext security from tag-based encryption, in TCC 2006: 3rd Theory of Cryptography Conference, ed. by S.\u00a0Halevi, T.\u00a0Rabin. Lecture Notes in Computer Science, vol.\u00a03876 (Springer, Berlin, 2006), pp.\u00a0581\u2013600"},{"key":"9115_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-540-71677-8_19","volume-title":"PKC 2007: 10th International Conference on Theory and Practice of Public Key Cryptography","author":"E. Kiltz","year":"2007","unstructured":"E.\u00a0Kiltz, Chosen-ciphertext secure key-encapsulation based on gap hashed Diffie\u2013Hellman, in PKC 2007: 10th International Conference on Theory and Practice of Public Key Cryptography, ed. by T.\u00a0Okamoto, X.\u00a0Wang. Lecture Notes in Computer Science, vol.\u00a04450 (Springer, Berlin, 2007), pp.\u00a0282\u2013297"},{"key":"9115_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"590","DOI":"10.1007\/978-3-642-01001-9_34","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2009","author":"E. Kiltz","year":"2009","unstructured":"E.\u00a0Kiltz, K.\u00a0Pietrzak, M.\u00a0Stam, M.\u00a0Yung, A new randomness extraction paradigm for hybrid encryption, in Advances in Cryptology\u2014EUROCRYPT 2009, ed. by A.\u00a0Joux. Lecture Notes in Computer Science, vol.\u00a05479 (Springer, Berlin, 2009), pp.\u00a0590\u2013609"},{"key":"9115_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-540-28628-8_26","volume-title":"Advances in Cryptology\u2014CRYPTO 2004","author":"K. Kurosawa","year":"2004","unstructured":"K.\u00a0Kurosawa, Y.\u00a0Desmedt, A new paradigm of hybrid encryption scheme, in Advances in Cryptology\u2014CRYPTO 2004, ed. by M.\u00a0Franklin. Lecture Notes in Computer Science, vol.\u00a03152 (Springer, Berlin, 2004), pp.\u00a0426\u2013442"},{"key":"9115_CR33","year":"1993","unstructured":"A.K. Lenstra, H.W. Lenstra Jr. (eds.), The Development of the Number Field Sieve. Lecture Notes in Mathematics, vol.\u00a01554 (Springer, Berlin, 1993)","series-title":"Lecture Notes in Mathematics","volume-title":"The Development of the Number Field Sieve"},{"key":"9115_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/3-540-36178-2_2","volume-title":"Advances in Cryptology\u2014ASIACRYPT 2002","author":"S. Lucks","year":"2002","unstructured":"S.\u00a0Lucks, A variant of the Cramer\u2013Shoup cryptosystem for groups of unknown order, in Advances in Cryptology\u2014ASIACRYPT 2002, ed. by Y.\u00a0Zheng. Lecture Notes in Computer Science, vol.\u00a02501 (Springer, Berlin, 2002), pp.\u00a027\u201345"},{"key":"9115_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1007\/978-3-642-19379-8_13","volume-title":"PKC 2011: 14th International Workshop on Theory and Practice in Public Key Cryptography","author":"Q. Mei","year":"2011","unstructured":"Q.\u00a0Mei, B.\u00a0Li, X.\u00a0Lu, D.\u00a0Jia, Chosen ciphertext secure encryption under factoring assumption revisited, in PKC 2011: 14th International Workshop on Theory and Practice in Public Key Cryptography, ed. by D.\u00a0Catalano, N.\u00a0Fazio, R.\u00a0Gennaro, A.\u00a0Nicolosi. Lecture Notes in Computer Science, vol.\u00a06571 (Springer, Berlin, 2011), pp.\u00a0210\u2013227"},{"issue":"5","key":"9115_CR36","doi-asserted-by":"publisher","first-page":"1383","DOI":"10.1137\/S0097539701389257","volume":"31","author":"M. Naor","year":"2002","unstructured":"M.\u00a0Naor, O.\u00a0Reingold, A.\u00a0Rosen, Pseudo-random functions and factoring. SIAM J. Comput.\n 31(5), 1383\u20131404 (2002)","journal-title":"SIAM J. Comput."},{"key":"9115_CR37","author":"M. Naor","first-page":"33","year":"1989","unstructured":"M.\u00a0Naor, M.\u00a0Yung, Universal one-way hash functions and their cryptographic applications, in 21st Annual ACM Symposium on Theory of Computing (ACM, New York, 1989), pp.\u00a033\u201343","volume-title":"21st Annual ACM Symposium on Theory of Computing"},{"key":"9115_CR38","author":"M. Naor","year":"1990","unstructured":"M.\u00a0Naor, M.\u00a0Yung, Public-key cryptosystems provably secure against chosen ciphertext attacks, in 22nd Annual ACM Symposium on Theory of Computing (ACM, New York, 1990)","volume-title":"22nd Annual ACM Symposium on Theory of Computing"},{"key":"9115_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1007\/11935230_17","volume-title":"Advances in Cryptology\u2014ASIACRYPT 2006","author":"P. Paillier","year":"2006","unstructured":"P.\u00a0Paillier, J.L. Villar, Trading one-wayness against chosen-ciphertext security in factoring-based encryption, in Advances in Cryptology\u2014ASIACRYPT 2006, ed. by X.\u00a0Lai, K.\u00a0Chen. Lecture Notes in Computer Science, vol.\u00a04284 (Springer, Berlin, 2006), pp.\u00a0252\u2013266"},{"key":"9115_CR40","author":"C. Peikert","first-page":"187","year":"2008","unstructured":"C.\u00a0Peikert, B.\u00a0Waters, Lossy trapdoor functions and their applications, in 40th Annual ACM Symposium on Theory of Computing, ed. by R.E. Ladner, C.\u00a0Dwork (ACM, New York, 2008), pp.\u00a0187\u2013196","volume-title":"40th Annual ACM Symposium on Theory of Computing"},{"key":"9115_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"182","DOI":"10.1007\/978-3-540-30564-4_13","volume-title":"SAC 2004: 11th Annual International Workshop on Selected Areas in Cryptography","author":"D.H. Phan","year":"2004","unstructured":"D.H. Phan, D.\u00a0Pointcheval, About the security of ciphers (semantic security and pseudo-random permutations), in SAC 2004: 11th Annual International Workshop on Selected Areas in Cryptography, ed. by H.\u00a0Handschuh, A.\u00a0Hasan. Lecture Notes in Computer Science, vol.\u00a03357 (Springer, Berlin, 2004), pp.\u00a0182\u2013197"},{"key":"9115_CR42","unstructured":"M.O. Rabin, Digital signatures and public key functions as intractable as factorization. Technical Report MIT\/LCS\/TR-212, Massachusetts Institute of Technology, January 1979"},{"key":"9115_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"433","DOI":"10.1007\/3-540-46766-1_35","volume-title":"Advances in Cryptology\u2014CRYPTO\u201991","author":"C. Rackoff","year":"1992","unstructured":"C.\u00a0Rackoff, D.R. Simon, Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack, in Advances in Cryptology\u2014CRYPTO\u201991, ed. by J.\u00a0Feigenbaum. Lecture Notes in Computer Science, vol.\u00a0576 (Springer, Berlin, 1992), pp.\u00a0433\u2013444"},{"key":"9115_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"314","DOI":"10.1007\/978-3-642-14623-7_17","volume-title":"Advances in Cryptology\u2014CRYPTO 2010","author":"H. Wee","year":"2010","unstructured":"H.\u00a0Wee, Efficient chosen-ciphertext security via extractable hash proofs, in Advances in Cryptology\u2014CRYPTO 2010, ed. by T.\u00a0Rabin. Lecture Notes in Computer Science, vol.\u00a06223 (Springer, Berlin, 2010), pp.\u00a0314\u2013332"},{"issue":"6","key":"9115_CR45","doi-asserted-by":"publisher","first-page":"726","DOI":"10.1109\/TIT.1980.1056264","volume":"26","author":"H.C. Williams","year":"1980","unstructured":"H.C. Williams, A modification of the RSA public-key encryption procedure. IEEE Trans. Inf. Theory\n 26(6), 726\u2013729 (1980)","journal-title":"IEEE Trans. Inf. Theory"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-011-9115-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-011-9115-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-011-9115-0","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-011-9115-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,8]],"date-time":"2020-04-08T08:07:50Z","timestamp":1586333270000},"score":1.0,"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,12,20]]},"references-count":45,"journal-issue":{"published-print":{"date-parts":[[2013,1]]},"issue":"1"},"alternative-id":["9115"],"URL":"http:\/\/dx.doi.org\/10.1007\/s00145-011-9115-0","relation":{"cites":[]},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":["Software","Applied Mathematics","Computer Science Applications"],"assertion":[{"value":"26 December 2010","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 December 2011","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}