I. B. Damgård and J. B. Nielsen, “From Known-Plaintext Security to Chosen-Plaintext Security”, BRICS, vol. 8, no. 43, Nov. 2001.