The problem of designing a lattice-based encryption scheme secure against Chosen Ciphertext Attack (CCA) was first solved by Peikert and Waters in (3). The most efficient construction known to date is the one of (1). CCA secure encryption schemes can also be obtained using a generic transformation from Identity Based Encryption (IBE) described in Chosen-Ciphertext Security from Identity-Based Encryption.

**Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller**

(*Micciancio & Peikert*, Eurocrypt 2012)**Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem**

(*Peikert*, STOC 2009)**Lossy Trapdoor Functions and Their Applications**

(*Peikert & Waters*, SIAM J. Computing, 2011 / STOC 2008)

Additional improvements and variants:

**Improved Efficiency of MP12**(*Fang, Li, Lu & Sun*- IWSEC 2015)**High Performance Lattice-based CCA-secure Encryption**(*ElBansarkhani & Buchmann*- ePrint 2015/42)**NTRUCCA: How to Strengthen NTRUEncrypt to Chosen-Ciphertext Security in the Standard Model**(*Steinfeld, Ling, Pieprzyk, Tartary & Wang*- PKC 2012)