Security against chosen ciphertext attack is related to the notion of
non-malleability of the encryption scheme (cf. (50)). Loosely speaking,
in a non-malleable encryption scheme it is infeasible for an adversary,
given a ciphertext , to produce a valid ciphertext for a related plain-
text (e.g., given a ciphertext of a plaintext 1 x , for an unknown x ,it
is infeasible to produce a ciphertext to the plaintext 0 x ). For further
discussion see (50; 19; 89).