
I am a beginner and I am constructing a security model for the public key scheme I built. I have only come into contact with classic models such as IND-CPA or IND-CCA.

  • My scheme cannot reach IND, so I want to adopt the security model of OW-CPA. Can you introduce me to the game of the security model of OW-CPA?

  • There are also schemes that need to prove the security of other functional features, but I don’t know where to start because I have only come into contact with CPA, ID encryption security games, and specification proofs. Are there other ways to prove security definitions?

zixiao xu

1 Answer


OW-CPA stands for One-Wayness under Chosen Plaintext Attack. It’s a weaker notion than IND-CPA but still meaningful in many settings such as the Fujisaki-Okamoto Transformation.

Here’s the standard security game for OW-CPA:

  1. Challenger generates the public-secret keys $(pk, sk) \gets Setup(1^{\lambda})$ and sends $pk$ to the adversary.
  2. In the challenge phase, the challenger randomly generates a message $m$, encrypts it using $pk$ to generate the challenge ciphertext $ct^*$ and sends it to the adversary.
  3. The adversary must return a message $m'$ and wins the game if $m' = m$.

There are many security definitions beyond IND-CPA and IND-CCA, such as leakage-resilience, key-dependent message (KDM) security, non-malleability, incompressibility, selective-opening security, and others. Each of these captures different adversarial capabilities and application-specific requirements, and often comes with its own style of security proof.

One way to get familiar with these definitions and security proofs is to read a wide range of papers and see how each security notion is formalized and used. However, a more efficient approach, especially when working on a specific scheme, is to precisely describe the functionality and expected security goals of your scheme, and then consult experts or ask targeted questions on platforms like Cryptography StackExchange. They can help identify the most relevant and meaningful security definitions for your use case. Perhaps you could consider creating a wiki post to compile all the security definitions in one place.

To the best of my knowledge, there isn’t a single comprehensive source that catalogs all known encryption security definitions and proof techniques. Most are scattered across different subfields and papers, depending on the context in which they were introduced.

Mahesh S R
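The three-step OW-CPA game from the answer, written out as runnable code alongside the IND-CPA game it is being contrasted with. This is an added example, not code from the question or the answer. It assumes a constructed toy scheme (textbook RSA with the tiny primes 61 and 53, message space all of Z_N) as the stand-in for "a scheme that is deterministic, so cannot be IND, but may still be one-way"; the adversaries, the `budget` parameter and the trial counts are likewise assumptions for illustration, and the toy gives no real security.

```python
"""OW-CPA and IND-CPA games run against a toy deterministic scheme.

Added example, not code from the original post. Textbook RSA with tiny
primes is the constructed stand-in for "one-way but not IND"; it is a toy.
"""
import random

# Toy scheme (constructed for illustration). Message space is all of Z_N.
P, Q, E = 61, 53, 17
N = P * Q                      # 3233
PHI = (P - 1) * (Q - 1)        # 3120
MSG_SPACE = range(N)


def keygen():
    """Setup(1^lambda) -> (pk, sk). lambda is fixed here by the toy primes."""
    d = pow(E, -1, PHI)        # 2753
    return (N, E), (N, d)


def encrypt(pk, m):
    """Deterministic: the same (pk, m) always yields the same ciphertext."""
    n, e = pk
    return pow(m, e, n)


def decrypt(sk, c):
    n, d = sk
    return pow(c, d, n)


def ow_cpa_game(adversary, rng):
    """One run of the OW-CPA experiment described in the answer:
    1. challenger runs keygen and hands pk to the adversary;
    2. challenger samples m uniformly from the message space and encrypts it;
    3. adversary outputs m' and wins iff m' == m.
    The adversary sees only pk and ct*; it may encrypt on its own (CPA).
    """
    pk, _sk = keygen()
    m = rng.choice(MSG_SPACE)
    ct = encrypt(pk, m)
    return adversary(pk, ct) == m


def ind_cpa_game(chooser, guesser, rng):
    """One run of IND-CPA: adversary picks (m0, m1), receives Enc(pk, m_b)
    for a hidden bit b, and wins iff it outputs b."""
    pk, _sk = keygen()
    m0, m1 = chooser(pk)
    b = rng.randrange(2)
    ct = encrypt(pk, (m0, m1)[b])
    return guesser(pk, ct) == b


def brute_force_ow_adversary(budget):
    """OW adversary (assumed) that re-encrypts the first `budget` candidate
    messages and returns the one matching ct*, or None if none match."""
    def adversary(pk, ct):
        for m in range(min(budget, N)):
            if encrypt(pk, m) == ct:
                return m
        return None
    return adversary


def ind_chooser(_pk):
    return 2, 3                # any two distinct messages will do


def ind_guesser(pk, ct):
    # Deterministic encryption: re-encrypt m0 and compare. Always correct.
    return 0 if encrypt(pk, 2) == ct else 1


def win_rate(game, trials=2000, seed=1):
    """Fraction of wins over independent runs with seeded challenger coins."""
    rng = random.Random(seed)
    return sum(game(rng) for _ in range(trials)) / trials


def ow_win_rate(budget, trials=2000, seed=1):
    adv = brute_force_ow_adversary(budget)
    return win_rate(lambda rng: ow_cpa_game(adv, rng), trials, seed)


def ind_win_rate(trials=2000, seed=1):
    return win_rate(lambda rng: ind_cpa_game(ind_chooser, ind_guesser, rng),
                    trials, seed)


if __name__ == "__main__":
    print("IND-CPA distinguisher wins:", ind_win_rate())
    for budget in (0, N // 10, N):
        print(f"OW-CPA brute force, budget {budget}:", ow_win_rate(budget))
```

The IND-CPA adversary wins every run because the scheme is deterministic, which is exactly the "cannot reach IND" situation in the question. The OW-CPA adversary's win rate is about `budget / |message space|`: it is only the size of the message space relative to the adversary's work that keeps the notion meaningful, so an OW-CPA claim should state that the challenge message is drawn uniformly from a space of superpolynomial size in the security parameter. With the full budget the brute-force adversary always wins, which is the toy's way of showing that OW-CPA with a small or low-entropy message space is vacuous.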