Stateful Public-Key Encryption Schemes Forward-Secure Against State Exposure

We put forward a notion of forward security for stateful public-key encryption against state exposure and chosen ciphertext attack. This new notion is important in mobile applications in which small devices that perform ‘stateful encryptions’ are vulnerable to attacks which can result in the compromise of internal states. We precisely formulate a security definition and propose two efficient schemes which are provably secure under standard computational assumptions.