An encryption scheme that is secure in the presence of (full) chosen-ciphertext attacks should implement this interface.
Note that any Cca2 scheme is both Indistinguishable and NonMalleable. Thus, Cca2 extends both Cca1 and NonMalleable,
and it suffices to have a CCA2-secure scheme implement only the Cca2 interface.
Cryptography and Computer Security Research Group Department of Computer Science Bar-Ilan University (Yael Ejgenberg)