中文摘要：

Tag—KEM／DEM是2005年提出的一种混合加密结构。Tag—KEM（Tag密钥封装机制）是其组成部分，采用公钥加密技术封装密钥。针对混合加密中不宜用慢的长消息公钥加密的问题，提出了一种用短消息公钥加密方案构造Tag—KEM方案的通用方法；结果证明了该方法在随机预言机模型下选择密文安全。该方法对Tag部分的处理不会带来额外的冗余，是第一个无需验证Tag部分有效方案。表明Tag—KEM／DEM结构优于KEM＋DEM。

英文摘要：

Tag key encapsulation mechanism （Tag-KEM）/data encapsulation mechanism （DEM） is a hybrid framework proposed in 2005. Tag-t（EM is one of its parts by using public-key encryption （PKE） technique to encapsulate a symmetric key. In hybrid encryptions, the long-raessage PKE is not desired due to its slow operation. A general method is presented for constructing Tag-KEM schemes with short-message PKEs. The chosen ciphertext security is proved in the random oracle model. In the method, the treatment of the tag part brings no additional ciphertext redundancy. Among all the methods for constructing Tag-KEM, the method is the first one without any validity checking on the tag part, thus showing that the Tag-KEM/DEM framework is superior to KEM＋DEM one.