Fwd: question on ElGamal implementation

Weikeng Chen w.k at berkeley.edu
Fri Sep 22 10:09:26 CEST 2017

---------- Forwarded message ----------
From: Weikeng Chen <w.k at berkeley.edu>
Date: Thu, Sep 21, 2017 at 6:50 PM
Subject: Re: question on ElGamal implementation
To: NIIBE Yutaka <gniibe at fsij.org>

You are right. If it is for hybrid encryption, the actual message is
confidential, the message in ElGamal encryption is just a key, then
semantic security is not that crucial -- the security can be proved by
the semantic security of the symmetric part.

It seems that only when people use ElGamal for homomorphic encryption
(computing on encrypted data), where actual data stay in the message
space, then a strong security is demanded.


Weikeng Chen @ 795 Soda Hall

More information about the Gcrypt-devel mailing list