Improved efficiency of Kiltz07-KEM

Kiltz proposed a practical key encapsulation mechanism (Kiltz07-KEM) which is secure against adaptive chosen ciphertext attacks (IND-CCA2) under the gap hashed Diffie–Hellman (GHDH) assumption [Eike Kiltz, Chosen-ciphertext secure key encapsulation based on hashed gap decisional Diffie–Hellman, in: Proceedings of the 10th International Workshop on Practice and Theory in Public-Key Cryptography, PKC 2007, in: LNCS, vol. 4450, Springer-Verlag, 2007, pp. 282–297. Full version available on Cryptology ePrint Archive: Report 2007/036]. We propose a variant of Kiltz07-KEM with improved efficiency in encryption. The new scheme can be proved IND-CCA2 secure under the same hardness assumption. This makes the most efficient KEM provably IND-CCA2 secure in the standard model until today.