Download PDF - Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisitedCC BY-NC-ND: Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 PL, Opens in new tab

ArticleOriginal scientific text

Title

Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited

Authors 1, 1, 2, 3

Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai, 200240, China
  2. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai, 200240, China; College of Computer Science and Technology, Southwest University of Science and Technology, 59 Qinglong Road, Mianyang, Sichuan, 621010, China
  3. School of Science, Hangzhou Normal University, 16 Xuelin Street, Xisha Higher Education Zone, Hangzhou, 310036, China; State Key Laboratory of Mathematical Engineering and Advanced Computing, 30 Lianze Road, Building #18, Science and Education Industry Park, Binhu District,Wuxi, 214000, China

Abstract

Fehr et al. (2010) proposed the first sender-equivocable encryption scheme secure against chosen-ciphertext attacks (NCCCA) and proved that NC-CCA security implies security against selective opening chosen-ciphertext attacks (SO-CCA). The NC-CCA security proof of the scheme relies on security against substitution attacks of a new primitive, the “cross-authentication code”. However, the security of the cross-authentication code cannot be guaranteed when all the keys used in the code are exposed. Our key observation is that, in the NC-CCA security game, the randomness used in the generation of the challenge ciphertext is exposed to the adversary. Based on this observation, we provide a security analysis of Fehr et al.'s scheme, showing that its NC-CCA security proof is flawed. We also point out that the scheme of Fehr et al. encrypting a single-bit plaintext can be refined to achieve NC-CCA security, free of the cross-authentication code. Furthermore, we propose the notion of “strong cross-authentication code”, apply it to Fehr et al. 's scheme, and show that the new version of the latter achieves NC-CCA security for multi-bit plaintexts.

Keywords

ENG
sender equivocable encryption, chosen ciphertext attack, cross authentication code

Bibliography

  1. Bellare, M., Dowsley, R., Waters, B. and Yilek, S. (2012). Standard security does not imply security against selective-opening, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 645–662.
  2. Bellare, M., Hofheinz, D. and Yilek, S. (2009). Possibility and impossibility results for encryption and commitment secure under selective opening, in A. Joux (Ed.), Advances in Cryptology—EUROCRYPT 2009, Springer, Berlin/Heidelberg, pp. 1–35.
  3. Bellare, M., Waters, B. and Yilek, S. (2011). Identity-based encryption secure against selective opening attack, in Y. Ishai (Ed.), Theory of Cryptography, Springer, Berlin/Heidelberg, pp. 235–252.
  4. Böhl, F., Hofheinz, D. and Kraschewski, D. (2012). On definitions of selective opening security, in M. Fischlin, J. Buchmann and M. Manulis (Eds.), Public Key Cryptography—PKC 2012, Springer, Berlin/Heidelberg, pp. 522–539.
  5. Canetti, R., Friege, U., Goldreich, O. and Naor, M. (1996). Adaptively secure multi-party computation, Technical report, Massachusetts Institute of Technology, Cambridge, MA.
  6. Cramer, R. and Shoup, V. (2002). Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in L.R. Knudsen (Ed.), Advances in Cryptology—EUROCRYPT 2002, Springer, Berlin/Heidelberg, pp. 45–64.
  7. Fehr, S., Hofheinz, D., Kiltz, E. and Wee, H. (2010). Encryption schemes secure against chosen-ciphertext selective opening attacks, in H. Gilbert (Ed.), Advances in Cryptology—EUROCRYPT 2010, Berlin/Heidelberg, Springer, pp. 381–402.
  8. Gao, C.-z., Xie, D. and Wei, B. (2012). Deniable encryptions secure against adaptive chosen ciphertext attack, in M.D. Ryan, B. Smyth and G. Wang (Eds.), Information Security Practice and Experience, Springer, Berlin/Heidelberg, pp. 46–62.
  9. Hemenway, B., Libert, B., Ostrovsky, R. and Vergnaud, D. (2011). Lossy encryption: Constructions from general assumptions and efficient selective opening chosen ciphertext security, in D.H. Lee and X. Wang (Eds.), Advances in Cryptology—ASIACRYPT 2011, Springer, Berlin/Heidelberg, pp. 70–88.
  10. Hofheinz, D. (2012). All-but-many lossy trapdoor functions, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 209–227.
  11. Myers, S. and Shelat, A. (2009). Bit encryption is complete, 50th Annual IEEE Symposium on Foundations of Computer Science, FOCS’09, Atlanta, GA, USA, pp. 607–616.
  12. Peikert, C. and Waters, B. (2011). Lossy trapdoor functions and their applications, SIAM Journal on Computing 40(6): 1803–1844.
International Journal of Applied Mathematics and Computer Science
2015/25/2
Export to PBN, Opens in new tab
Pages:
415-430
Main language of publication
English
Published
2015

DOI: 10.1515/amcs-2015-0032

Exact and natural sciences