Efficient Construction of Completely Non-Malleable CCA Secure Public Key Encryption

Non-malleability is an important and intensively studied security notion for many cryptographic primitives. In the context of public key encryption, it means that it is infeasible for an adversary to transform an encryption of some message m into an encryption of a related message m' under the given public key. Although this is a strong security property for many applications, it does not suffice in some scenarios, such as systems where users can issue keys on the fly. In such settings, the adversary may have the power to transform both the given public key and the ciphertext. To withstand such attacks, Fischlin introduced a stronger notion, known as complete non-malleability, which requires that the non-malleability property be preserved even against adversaries attempting to produce a ciphertext of some related message under a transformed public key. To date, many schemes satisfying this stronger notion have been proposed, but they are either inefficient or proved secure only in the random oracle model. In this work, we put forward a new encryption scheme in the common reference string model. Based on the standard DBDH assumption, the proposed scheme is proved completely non-malleable secure against adaptive chosen ciphertext attacks in the standard model. In our scheme, well-formed public keys and ciphertexts can be publicly recognized without resorting to unwieldy techniques such as non-interactive zero-knowledge proofs or one-time signatures, thus achieving better performance.
