Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited

• Autorzy: Huang Z. , Liu S. , Qin B. , Chen K.

Identyfikatory

DOI

10.1515/amcs-2015-0032

• Języki publikacji: EN

Abstrakty

EN

Fehr et al. (2010) proposed the first sender-equivocable encryption scheme secure against chosen-ciphertext attacks (NCCCA) and proved that NC-CCA security implies security against selective opening chosen-ciphertext attacks (SO-CCA). The NC-CCA security proof of the scheme relies on security against substitution attacks of a new primitive, the “cross-authentication code”. However, the security of the cross-authentication code cannot be guaranteed when all the keys used in the code are exposed. Our key observation is that, in the NC-CCA security game, the randomness used in the generation of the challenge ciphertext is exposed to the adversary. Based on this observation, we provide a security analysis of Fehr et al.'s scheme, showing that its NC-CCA security proof is flawed. We also point out that the scheme of Fehr et al. encrypting a single-bit plaintext can be refined to achieve NC-CCA security, free of the cross-authentication code. Furthermore, we propose the notion of “strong cross-authentication code”, apply it to Fehr et al. 's scheme, and show that the new version of the latter achieves NC-CCA security for multi-bit plaintexts.

Słowa kluczowe

EN

sender equivocable encryption; chosen ciphertext attack; cross authentication code

• Wydawca: Oficyna Wydawnicza Uniwersytetu Zielonogórskiego
• Czasopismo: International Journal of Applied Mathematics and Computer Science
• Rocznik: 2015
• Tom: Vol. 25, no. 2
• Strony: 415--430
• Opis fizyczny: Bibliogr. 12 poz.

Twórcy

autor

Huang Z.

• Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai, 200240, China

autor

Liu S.

• Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai, 200240, China

autor

Qin B.

• Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai, 200240, China; College of Computer Science and Technology, Southwest University of Science and Technology, 59 Qinglong Road, Mianyang, Sichuan, 621010, China

autor

Chen K.

• School of Science, Hangzhou Normal University, 16 Xuelin Street, Xisha Higher Education Zone, Hangzhou, 310036, China; State Key Laboratory of Mathematical Engineering and Advanced Computing, 30 Lianze Road, Building #18, Science and Education Industry Park, Binhu District,Wuxi, 214000, China

Bibliografia

• [1] Bellare, M., Dowsley, R., Waters, B. and Yilek, S. (2012). Standard security does not imply security against selective-opening, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 645–662.
• [2] Bellare, M., Hofheinz, D. and Yilek, S. (2009). Possibility and impossibility results for encryption and commitment secure under selective opening, in A. Joux (Ed.), Advances in Cryptology—EUROCRYPT 2009, Springer, Berlin/Heidelberg, pp. 1–35.
• [3] Bellare, M., Waters, B. and Yilek, S. (2011). Identity-based encryption secure against selective opening attack, in Y. Ishai (Ed.), Theory of Cryptography, Springer, Berlin/Heidelberg, pp. 235–252.
• [4] Böhl, F., Hofheinz, D. and Kraschewski, D. (2012). On definitions of selective opening security, in M. Fischlin, J. Buchmann and M. Manulis (Eds.), Public Key Cryptography—PKC 2012, Springer, Berlin/Heidelberg, pp. 522–539.
• [5] Canetti, R., Friege, U., Goldreich, O. and Naor, M. (1996). Adaptively secure multi-party computation, Technical report, Massachusetts Institute of Technology, Cambridge, MA.
• [6] Cramer, R. and Shoup, V. (2002). Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in L.R. Knudsen (Ed.), Advances in Cryptology—EUROCRYPT 2002, Springer, Berlin/Heidelberg, pp. 45–64.
• [7] Fehr, S., Hofheinz, D., Kiltz, E. and Wee, H. (2010). Encryption schemes secure against chosen-ciphertext selective opening attacks, in H. Gilbert (Ed.), Advances in Cryptology—EUROCRYPT 2010, Berlin/Heidelberg, Springer, pp. 381–402.
• [8] Gao, C.-z., Xie, D. and Wei, B. (2012). Deniable encryptions secure against adaptive chosen ciphertext attack, in M.D. Ryan, B. Smyth and G. Wang (Eds.), Information Security Practice and Experience, Springer, Berlin/Heidelberg, pp. 46–62.
• [9] Hemenway, B., Libert, B., Ostrovsky, R. and Vergnaud, D. (2011). Lossy encryption: Constructions from general assumptions and efficient selective opening chosen ciphertext security, in D.H. Lee and X. Wang (Eds.), Advances in Cryptology—ASIACRYPT 2011, Springer, Berlin/Heidelberg, pp. 70–88.
• [10] Hofheinz, D. (2012). All-but-many lossy trapdoor functions, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 209–227.
• [11] Myers, S. and Shelat, A. (2009). Bit encryption is complete, 50th Annual IEEE Symposium on Foundations of Computer Science, FOCS’09, Atlanta, GA, USA, pp. 607–616.
• [12] Peikert, C. and Waters, B. (2011). Lossy trapdoor functions and their applications, SIAM Journal on Computing 40(6): 1803–1844.