AbstractFor a public‐key encryption scheme to be applied in practical applications, it should withstand various leakage attacks (e.g., side‐channel attacks and cold‐boot attacks). To this end, we present a way of construct the more practical CCA2 secure public‐key encryption scheme tolerating leakage attacks, and the scheme's security is based on the hardness of classical decisional Diffie–Hellman assumption and the target collision resistant of one‐way hash function. Additionally, our proposal enjoys better performance, for example, all of elements of ciphertext will be random from the adversary's view, and any probabilistic polynomial‐time adversary cannot obtain leakage on the secret key from the ciphertext, and so on. In the bounded‐leakage setting, for any leakage parameter λ⩽logq − ω(logk)(q is the prime order of the underlying group, and k denotes the security parameter.), our proposal is secure against leakage‐resilient chosen‐ciphertext attacks, where λ is independent of the plaintext space, and has the constant size. However, in the real world, an adversary can continuously learn information on the secret key through a variety of leakage attacks and can trivially break the security of public‐key encryption scheme under the continual leakage attacks. Thus, we will improve our method to resist the continual leakage attacks. Similarly, for any round leakage parameter λC⩽logq − ω(logk), we can prove the security of the improvement scheme based on the hardness of decisional Diffie–Hellman assuming and the target collision resistant of one‐way hash function. With this important performance, our proposal may have some significant value in the practical applications, such as our proposal can provide the leakage‐resilient security for outsourcing data in the cloud computing environment. Copyright © 2016 John Wiley & Sons, Ltd.