The security of public-key encryption (PKE) schemes in a multi-user setting is aimed at capturing real-world scenarios in which an adversary could attack multiple users and multiple ciphertexts of its choice. However, the fact that a real-world adversary can also mount key-exposure attacks for a set of multiple public keys requires us to consider a more realistic notion of security in multi-user settings. In this study, we establish the security notion of PKE in a multi-user setting with corruptions, where an adversary is able to issue (adaptive) encryption, decryption, and corruption (i.e., private key) queries. We then propose the first practical PKE scheme whose security is proven in a multi-user setting with corruptions. The security of our scheme is based on the computational Diffie–Hellman (CDH) assumption and is proven to be tightly chosen-ciphertext secure in a random oracle model. Our scheme essentially follows the recently proposed modular approach of combining KEM and augmented DEM in a multi-user setting, but we show that this modular approach works well in a multi-user setting with corruptions.

中文翻译：

---

具有损坏的多用户设置中的严格 CCA 安全加密方案

多用户设置中的公钥加密 (PKE) 方案的安全性旨在捕获攻击者可以攻击多个用户及其选择的多个密文的真实场景。然而，现实世界的对手也可以对一组多个公钥发起密钥暴露攻击这一事实要求我们在多用户设置中考虑更现实的安全概念。在这项研究中，我们在具有损坏的多用户设置中建立了 PKE 的安全概念，其中对手能够发出（自适应）加密、解密和损坏（即私钥）查询。然后，我们提出了第一个实用的 PKE 方案，其安全性在具有损坏的多用户设置中得到了证明。我们方案的安全性基于计算 Diffie-Hellman (CDH) 假设，并且在随机预言机模型中被证明是严格选择的密文安全。我们的方案基本上遵循最近提出的在多用户设置中结合 KEM 和增强 DEM 的模块化方法，但我们表明这种模块化方法在具有损坏的多用户设置中运行良好。