Strong Post-Compromise Secure Proxy Re-Encryption

Proxy Re-Encryption (PRE) allows a ciphertext encrypted using a key \(\mathsf {pk}_{i}\) to be re-encrypted by a third party so that it is an encryption of the same message under a new key \(\mathsf {pk}_{j}\), without revealing the message. We define Post-Compromise Security (PCS) in the context of PRE. This ensures that an adversary cannot distinguish which of two adversarially chosen ciphertexts a re-encryption was created from even when given the old secret key and the update token used to perform the re-encryption. We give separating examples demonstrating how PCS is stronger than existing security definitions for PRE achieving similar goals, before showing that PCS can be achieved using a combination of existing security properties from the literature. In doing so, we show there are existing PRE schemes satisfying PCS. Finally, we give a construction demonstrating that natural modifications of practical PRE schemes provably have PCS directly, without incurring overheads from the security reductions we have shown, and from weaker assumptions than existing schemes.

[1]  Anja Lehmann,et al.  Updatable Encryption with Post-Compromise Security , 2018, IACR Cryptol. ePrint Arch..

[2]  Steven Myers,et al.  Efficient Hybrid Proxy Re-Encryption for Practical Revocation and Key Rotation , 2017, IACR Cryptol. ePrint Arch..

[3]  Ilan Komargodski,et al.  Be Adaptive, Avoid Overcommitting , 2017, CRYPTO.

[4]  Vinod Vaikuntanathan,et al.  On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption , 2012, STOC '12.

[5]  Cas J. F. Cremers,et al.  On Post-compromise Security , 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).

[6]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[7]  Vinod Vaikuntanathan,et al.  Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages , 2011, CRYPTO.

[8]  Vinod Vaikuntanathan,et al.  Functional Re-encryption and Collusion-Resistant Obfuscation , 2012, TCC.

[9]  Vinod Vaikuntanathan,et al.  Fast Proxy Re-Encryption for Publish/Subscribe Systems , 2017, IACR Cryptol. ePrint Arch..

[10]  Georg Fuchsbauer,et al.  Adaptively Secure Proxy Re-encryption , 2019, IACR Cryptol. ePrint Arch..

[11]  Abhi Shelat,et al.  Securely Obfuscating Re-Encryption , 2007, Journal of Cryptology.

[12]  Ronald Cramer,et al.  Recovering Short Generators of Principal Ideals in Cyclotomic Rings , 2016, EUROCRYPT.

[13]  Daniele Micciancio,et al.  Worst-case to average-case reductions based on Gaussian measures , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[14]  Aloni Cohen What about Bob? The Inadequacy of CPA Security for Proxy Reencryption , 2017, IACR Cryptol. ePrint Arch..

[15]  Kenneth G. Paterson,et al.  Key Rotation for Authenticated Encryption , 2017, CRYPTO.

[16]  Yevgeniy Dodis,et al.  Proxy Cryptography Revisited , 2003, NDSS.

[17]  Fang Song,et al.  Efficient quantum algorithms for computing class groups and solving the principal ideal problem in arbitrary degree number fields , 2016, SODA.

[18]  Dan Boneh,et al.  Key Homomorphic PRFs and Their Applications , 2013, CRYPTO.

[19]  Ronald Cramer,et al.  Short Stickelberger Class Relations and Application to Ideal-SVP , 2016, EUROCRYPT.

[20]  William E. Burr,et al.  Recommendation for Key Management, Part 1: General (Revision 3) , 2006 .

[21]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[22]  Benoît Libert,et al.  Unidirectional Chosen-Ciphertext Secure Proxy Re-Encryption , 2008, IEEE Transactions on Information Theory.

[23]  Feng-Hao Liu,et al.  Re-encryption, Functional Re-encryption, and Multi-hop Re-encryption: A Framework for Achieving Obfuscation-Based Security and Instantiations from Lattices , 2014, Public Key Cryptography.

[24]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[25]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[26]  Susan Hohenberger,et al.  Key-Private Proxy Re-encryption , 2009, CT-RSA.

[27]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[28]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[29]  Ela Lee Improved Security Notions for Proxy Re-Encryption to Enforce Access Control , 2017, IACR Cryptol. ePrint Arch..