Abstract. This paper presents three methods for strengthening public key cryptosystems in such a way that they become secure against adaptively chosen ciphertext attacks. In an adaptively chosen ciphertext attack, an attacker can query the deciphering algorithm with any ciphertexts, except for the exact object ciphertext to be cryptanalyzed. The rst strengthening method is based on the use of one-way hash functions, the second on the use of universal hash functions and the third on the use of digital signature schemes. Each method is illustrated by an example ofapublickey cryptosystem based on the intractability ofcomputing discrete logarithms in nite elds. Two other issues, namely applications of the methods to public key cryptosystems based on other intractable problems and enhancement of information authentication capability to the cryptosystems, are also discussed. 1

) Thomas Hardjono 1 ? and Yuliang Zheng 2 ?? 1 ATR Communications Research Laboratories 2-2 Hikaridai, Seika-Cho, Soraku-gun, Kyoto 619-02, Japan 2 Department of Computer Science, University of Wollongong, Australia Abstract. This paper proposes a practical digital multisignature scheme based on the C ? sig cryptosystem derived from the Csig cryptosystem of Zheng and Seberry (1993). The simple scheme consists of three phases. In the first phase the issuer of the document prepares the document, the list of prospective signatories and a pad on which signatories are to write their signatures. In the second phase each signatory verifies the document, signs it and forwards it to the next signatory. In the third phase a trusted verifier or notary decides on the validity of the signatures. The scheme prevents cheating by dishonest signatories from going undetected. The scheme is practical and offers at least the same security level afforded by its underlying cryptosystem against extern...