Efficient Chosen Ciphertext Secure Threshold Public-Key Encryption with Forward Security

Threshold public-key encryption allows a set of servers to decrypt a ciphertext only if at least a threshold of the authorized servers cooperate. Forward security limits the damage caused by exposure of secret keys. Carrying forward-secure public-key encryption over to the threshold setting gives a model which guarantees that even if an adversary breaks into more than t distinct servers during some time period i, messages encrypted during all time periods prior to i remain secret. In this paper, we present the first provably secure (non-interactive) forward-secure threshold public-key encryption scheme that resists chosen-ciphertext attacks in the random oracle model. Its encryption and key-update operations are very efficient compared with the scheme presented by Libert et al. A formal definition, as well as a detailed analysis of the security and performance of the scheme, is presented. The security of the scheme is based on the Computational Bilinear Diffie-Hellman assumption, which leads to a unique approach for proving security in the random oracle model. Furthermore, in our model the servers update their keys individually and asynchronously, with no communication between them.
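The threshold-decryption model the abstract refers to, in which a ciphertext is decrypted only when t of n servers cooperate and the secret key itself is never reconstructed, is shown below as an added example. It is not the paper's scheme: it is plain threshold ElGamal over a Shamir-shared secret key (the Desmedt-Frankel style of construction), with no forward security, no key update and no chosen-ciphertext protection, and it uses a constructed toy group (p = 1019, q = 509, g = 4) that is far too small for real use. Function names, the 3-of-5 parameters and the sample message are all assumptions made for the illustration.

```python
"""Toy t-of-n threshold ElGamal decryption: the secret key x is Shamir-shared,
each server publishes a partial decryption c1^{x_j}, and a combiner recombines
them with Lagrange coefficients.  Illustrative group parameters only."""
import secrets

# Constructed toy group: p = 2q + 1 is a safe prime and g = 4 generates the
# order-q subgroup of Z_p^*.  Sharing arithmetic is mod q, group arithmetic mod p.
P = 1019
Q = 509
G = 4
assert pow(G, Q, P) == 1 and G != 1


def share_secret(x, t, n):
    """Shamir-share x in Z_q with a random degree-(t-1) polynomial f, f(0) = x.
    Server j (1..n) receives (j, f(j)).  Done once by a trusted dealer."""
    coeffs = [x] + [secrets.randbelow(Q) for _ in range(t - 1)]
    shares = []
    for j in range(1, n + 1):
        v = 0
        for c in reversed(coeffs):      # Horner evaluation of f(j) mod q
            v = (v * j + c) % Q
        shares.append((j, v))
    return shares


def lagrange_at_zero(indices):
    """lambda_j such that sum_j lambda_j * f(j) = f(0) (mod q) for these indices."""
    lam = {}
    for j in indices:
        num, den = 1, 1
        for k in indices:
            if k != j:
                num = (num * (-k)) % Q
                den = (den * (j - k)) % Q
        lam[j] = (num * pow(den, -1, Q)) % Q
    return lam


def keygen(t, n):
    """Public key h = g^x; the servers get shares of x, nobody keeps x itself."""
    x = secrets.randbelow(Q - 1) + 1
    return pow(G, x, P), share_secret(x, t, n)


def encrypt(h, m):
    """ElGamal in the order-q subgroup; m must itself be a subgroup element."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (m * pow(h, r, P)) % P


def partial_decrypt(share, c1):
    """Server j publishes d_j = c1^{x_j}; its share x_j never leaves the server."""
    j, xj = share
    return j, pow(c1, xj, P)


def combine(partials, c2):
    """Combiner: prod d_j^{lambda_j} = c1^{sum lambda_j x_j} = c1^x = h^r,
    so m = c2 / h^r.  Correct only when at least t distinct partials are given."""
    lam = lagrange_at_zero([j for j, _ in partials])
    hr = 1
    for j, dj in partials:
        hr = (hr * pow(dj, lam[j], P)) % P
    return (c2 * pow(hr, -1, P)) % P


def demo(t=3, n=5):
    """Returns (any t servers decrypt, a different t-subset decrypts,
    t-1 servers decrypt).  The last is False except with probability 1/q."""
    h, shares = keygen(t, n)
    m = pow(G, 123, P)                       # constructed message, a subgroup element
    c1, c2 = encrypt(h, m)
    parts = [partial_decrypt(s, c1) for s in shares]
    return (combine(parts[:t], c2) == m,
            combine(parts[n - t:], c2) == m,
            combine(parts[:t - 1], c2) == m)


if __name__ == "__main__":
    print(demo())   # (True, True, False) except with probability 1/q
```

Two things this toy omits are exactly what the paper's setting adds: the partial decryptions carry no proof of correctness, so a misbehaving server can silently make the combiner output garbage, and the ciphertext is malleable, so the scheme is only CPA-secure. Forward security would additionally require each server to evolve its share x_j into a period-(i+1) share on its own, with the public key unchanged, which needs the pairing-based structure the paper builds and cannot be obtained from plain ElGamal shares.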

[1] Allison Bishop et al. New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts, 2010, IACR Cryptol. ePrint Arch.

[2] Zhang Ya-juan et al. An identity-based key-exchange protocol, 2008, Wuhan University Journal of Natural Sciences.

[3] Dan Boneh et al. Chosen Ciphertext Secure Public Key Threshold Encryption Without Random Oracles, 2006, CT-RSA.

[4] Gene Itkis et al. Forward-Secure Signatures with Optimal Signing and Verifying, 2001, CRYPTO.

[5] Tal Malkin et al. Efficient Generic Forward-Secure Signatures with an Unbounded Number of Time Periods, 2002, EUROCRYPT.

[6] Hugo Krawczyk et al. Simple forward-secure signatures from any signature scheme, 2000, IACR Cryptol. ePrint Arch.

[7] Ran Canetti et al. A Forward-Secure Public-Key Encryption Scheme, 2003, Journal of Cryptology.

[8] Leonid Reyzin et al. A New Forward-Secure Digital Signature Scheme, 2000, ASIACRYPT.

[9] Ran Canetti et al. An Efficient Threshold Public Key Cryptosystem Secure Against Adaptive Chosen Ciphertext Attack, 1999, EUROCRYPT.

[10] Tatsuaki Okamoto et al. Secure Integration of Asymmetric and Symmetric Encryption Schemes, 1999, Journal of Cryptology.

[11] Ross J. Anderson et al. Two remarks on public key cryptology, 2002.

[12] Moti Yung et al. Adaptively Secure Forward-Secure Non-interactive Threshold Cryptosystems, 2011, Inscrypt.

[13] Zhoujun Li et al. Enhanced McCullagh-Barreto identity-based key exchange protocols with master key forward security, 2010, Int. J. Secur. Networks.

[14] Daniel R. Simon et al. Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack, 1991, CRYPTO.

[15] Mihir Bellare et al. A Forward-Secure Digital Signature Scheme, 1999, CRYPTO.

[16] Leonid Reyzin et al. Forward-Secure Signatures with Fast Key Update, 2002, SCN.

[17] Yvo Desmedt et al. Threshold Cryptosystems, 1989, CRYPTO.

[18] Chanathip Namprempre et al. Forward-Secure Threshold Signature Schemes, 2001, CT-RSA.

[19] Rosario Gennaro et al. Securing Threshold Cryptosystems against Chosen Ciphertext Attack, 1998, Journal of Cryptology.

[20] Brent Waters et al. Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions, 2009, IACR Cryptol. ePrint Arch.

[21] Dan Boneh et al. Evaluating 2-DNF Formulas on Ciphertexts, 2005, TCC.