On steganographic chosen covertext security

Research output: Contribution to journalConference articlepeer-review

15 Scopus citations


At TCC 2005, Backes and Cachin proposed a new and very strong notion of security for public key steganography: secrecy against adaptive chosen covertext attack (SS-CCA); and posed the question of whether SS-CCA security was achievable for any covertext channel. We resolve this question in the affirmative: SS-CCA security is possible for any channel that admits a secure stegosystem against the standard and weaker "chosen hiddentext attack" in the standard model of computation. Our construction requires a public-key encryption scheme with ciphertexts that remain indistinguishable from random bits under adaptive chosen-ciphertext attack. We show that a scheme with this property can be constructed under the Decisional Diffie-Hellman assumption. This encryption scheme, which modifies a scheme proposed by Kurosawa and Desmedt, also resolves an open question posed by von Ahn and Hopper at Eurocrypt 2004.

Original languageEnglish (US)
Pages (from-to)311-323
Number of pages13
JournalLecture Notes in Computer Science
StatePublished - 2005
Event32nd International Colloquium on Automata, Languages and Programming, ICALP 2005 - Lisbon, Portugal
Duration: Jul 11 2005Jul 15 2005


Dive into the research topics of 'On steganographic chosen covertext security'. Together they form a unique fingerprint.

Cite this