Leakage-Resilient Chosen-Ciphertext Secure Public-Key Encryption from Hash Proof System and One-Time Lossy Filter

We present several new and fairly practical public-key encryption schemes and prove them secure against adaptive chosen ciphertext attack. One scheme is based on Paillier's Decision Composite Residuosity (DCR) assumption, while another is based in the classical Quadratic Residuosity (QR) assumption. The analysis is in the standard cryptographic model, i.e., the security of our schemes does not rely on the Random Oracle model.<br /> <br />We also introduce the notion of a universal hash proof system. Essentially, this is a special kind of non-interactive zero-knowledge proof system for an NP language. We do not show that universal hash proof systems exist for all NP languages, but we do show how to construct very efficient universal hash proof systems for a general class of group-theoretic language membership problems.<br /> <br />Given an efficient universal hash proof system for a language with certain natural cryptographic indistinguishability properties, we show how to construct an efficient public-key encryption schemes secure against adaptive chosen ciphertext attack in the standard model. Our construction only uses the universal hash proof system as a primitive: no other primitives are required, although even more efficient encryption schemes can be obtained by using hash functions with appropriate collision-resistance properties. We show how to construct efficient universal hash proof systems for languages related to the DCR and QR assumptions. From these we get corresponding public-key encryption schemes that are secure under these assumptions. We also show that the Cramer-Shoup encryption scheme (which up until now was the only practical encryption scheme that could be proved secure against adaptive chosen ciphertext attack under a reasonable assumption, namely, the Decision Diffie-Hellman assumption) is also a special case of our general theory.

Download Full-text

Public key encryption with equality test via hash proof system

Theoretical Computer Science ◽

10.1016/j.tcs.2019.05.033 ◽

2019 ◽

Vol 795 ◽

pp. 20-35

Author(s):

Ming Zeng ◽

Jie Chen ◽

Kai Zhang ◽

Haifeng Qian

Keyword(s):

Public Key ◽

Proof System ◽

Public Key Encryption ◽

Hash Proof System ◽

Equality Test

Download Full-text

Public-Key Encryption In The Standard Model Against Strong Leakage Adversary

The Computer Journal ◽

10.1093/comjnl/bxaa055 ◽

2020 ◽

Vol 63 (12) ◽

pp. 1904-1914

Author(s):

Janaka Alawatugoda

Keyword(s):

Standard Model ◽

Building Blocks ◽

Public Key ◽

Log P ◽

Encryption Scheme ◽

Public Key Encryption ◽

Security Parameter ◽

The Standard Model ◽

Encryption Schemes ◽

Leakage Resilient

Abstract Over the years, security against adaptively chosen-ciphertext attacks (CCA2) is considered as the strongest security definition for public-key encryption schemes. With the uprise of side-channel attacks, new security definitions are proposed, addressing leakage of secret keys together with the standard CCA2 definition. Among the new security definitions, security against continuous and after-the-fact leakage-resilient CCA2 can be considered as the strongest security definition, which is called as security against (continuous) adaptively chosen-ciphertext leakage attacks (continuous CCLA2). In this paper, we present a construction of a public-key encryption scheme, namely LR-PKE, which satisfies the aforementioned security definition. The security of our public-key encryption scheme is proven in the standard model, under decision BDH assumption. Thus, we emphasize that our public-key encryption scheme LR-PKE is (continuous) CCLA2-secure in the standard model. For our construction of LR-PKE, we have used a strong one-time signature scheme and a leakage-resilient refreshing protocol as underlying building blocks. The leakage bound is $0.15n\log p -1$ bits per leakage query, for a security parameter $k$ and a statistical security parameter $n$, such that $\log p \geq k$ and $n$ is a function of $k$. It is possible to see that LR-PKE is efficient enough to be used for real-world usage.

Download Full-text

CCA Secure Public Key Encryption against After-the-Fact Leakage without NIZK Proofs

Security and Communication Networks ◽

10.1155/2019/8357241 ◽

2019 ◽

Vol 2019 ◽

pp. 1-8

Author(s):

Yi Zhao ◽

Kaitai Liang ◽

Bo Yang ◽

Liqun Chen

Keyword(s):

State Model ◽

Encryption Algorithm ◽

Public Key ◽

Public Key Encryption ◽

Split State ◽

Leakage Resilient ◽

Traditional Sense ◽

Definition Of ◽

Lossy Trapdoor Functions ◽

Chosen Ciphertext Attack

In leakage resilient cryptography, there is a seemingly inherent restraint on the ability of the adversary that it cannot get access to the leakage oracle after the challenge. Recently, a series of works made a breakthrough to consider a postchallenge leakage. They presented achievable public key encryption (PKE) schemes which are semantically secure against after-the-fact leakage in the split-state model. This model puts a more acceptable constraint on adversary’s ability that the adversary cannot query the leakage of secret states as a whole but the functions of several parts separately instead of prechallenge query only. To obtain security against chosen ciphertext attack (CCA) for PKE schemes against after-the-fact leakage attack (AFL), existing works followed the paradigm of “double encryption” which needs noninteractive zero knowledge (NIZK) proofs in the encryption algorithm. We present an alternative way to achieve AFL-CCA security via lossy trapdoor functions (LTFs) without NIZK proofs. First, we formalize the definition of LTFs secure against AFL (AFLR-LTFs) and all-but-one variants (ABO). Then, we show how to realize this primitive in the split-state model. This primitive can be used to construct AFLR-CCA secure PKE scheme in the same way as the method of “CCA from LTFs” in traditional sense.

Download Full-text