Custodian-Hiding Verifiable Encryption

In a verifiable encryption, an asymmetrically encrypted ciphertext can be publicly verified to be decipherable by a designated receiver while maintaining the semantic security of the message [2,6,9]. In this paper, we introduce Custodian-Hiding Verifiable Encryption, where it can be publicly verified that there exists at least one custodian (user), out of a designated group of n custodians (users), who can decrypt the message, while the semantic security of the message and the anonymity of the actual decryptor are maintained. Our scheme is proven secure in the random oracle model. We also introduce two extensions to decryption by a subset of more than one user.

[1]  Daniel R. Simon,et al.  Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack , 1991, CRYPTO.

[2]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[3]  Markus Stadler,et al.  Publicly Verifiable Secret Sharing , 1996, EUROCRYPT.

[4]  Yuval Ishai,et al.  Priced Oblivious Transfer: How to Sell Digital Goods , 2001, EUROCRYPT.

[5]  Bert den Boer Oblivous Transfer Protecting Secrecy , 1991, EUROCRYPT.

[6]  Joe Kilian,et al.  Weakening Security Assumptions and Oblivious Transfer (Abstract) , 1988, CRYPTO.

[7]  Giuseppe Ateniese Verifiable encryption of digital signatures and applications , 2004, TSEC.

[8]  Jan Camenisch,et al.  Practical Verifiable Encryption and Decryption of Discrete Logarithms , 2003, CRYPTO.

[9]  Ivan Damgård,et al.  Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[10]  Yi Mu,et al.  m out of n Oblivious Transfer , 2002, ACISP.

[11]  Feng Bao An Efficient Verifiable Encryption Scheme for Encryption of Discrete Logarithms , 1998, CARDIS.

[12]  Claude Crépeau,et al.  Equivalence Between Two Flavours of Oblivious Transfers , 1987, CRYPTO.

[13]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[14]  Gilles Brassard,et al.  Information theoretic reductions among disclosure problems , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[15]  N. Asokan,et al.  Optimistic Fair Exchange of Digital Signatures (Extended Abstract) , 1998, EUROCRYPT.

[16]  Jan Camenisch,et al.  Separability and Efficiency for Generic Group Signature Schemes , 1999, CRYPTO.

[17]  Joe Kilian,et al.  Identity Escrow , 1998, CRYPTO.

[18]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[19]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..