Key privacy and anonymous protocols

The growing need for user privacy protection has lead to the development of general notions and efficient tools for building privacy-preserving applications. Among them, the notion of key privacy in public-key encryption, which guarantees that an adversary is unable to tell with which public key a certain ciphertext has been produced, plays a key-role in the design of several anonymous protocols. Apparently, it seems to be unrelated to the security of the encrypted content, and it looks like just an additional property the encryption scheme can enjoy. In this paper we show that for a robust encryption scheme key privacy under chosen ciphertext attack implies non-malleability and, hence, security under chosen ciphertext attacks. Then, we look at two privacy-preserving protocols: secret sets and anonymous broadcast encryption. We prove that secret sets and anonymous broadcast are equivalent w.r.t. non-adaptive adversaries: the first can be used to design the second and vice versa. Finally, we revisit some previous constructions for secret sets, and we show the security properties they enjoy within a rigorously defined adversarial model.

[1]  Tal Malkin,et al.  Mercurial Commitments with Applications to Zero-Knowledge Sets , 2005, Journal of Cryptology.

[2]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[3]  Kenneth G. Paterson,et al.  Anonymous Broadcast Encryption: Adaptive Security and Efficient Constructions in the Standard Model , 2012, Public Key Cryptography.

[4]  Silvio Micali,et al.  Zero-knowledge sets , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[5]  Johan Håstad,et al.  The Security of All RSA and Discrete Log Bits , 1998 .

[6]  Alfredo De Santis,et al.  On secret set schemes , 2000, Inf. Process. Lett..

[7]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[8]  Moni Naor,et al.  Nonmalleable Cryptography , 2000, SIAM Rev..

[9]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[10]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[11]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[12]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[13]  Gene Tsudik,et al.  Secret Sets and Applications , 1998, Inf. Process. Lett..

[14]  Ivan Visconti,et al.  Mercurial Commitments: Minimal Assumptions and Efficient Constructions , 2006, TCC.

[15]  Mario Di Raimondo,et al.  Zero-Knowledge Sets With Short Proofs , 2008, IEEE Transactions on Information Theory.

[16]  Kazue Sako,et al.  An Auction Protocol Which Hides Bids of Losers , 2000, Public Key Cryptography.

[17]  M. Panella Associate Editor of the Journal of Computer and System Sciences , 2014 .

[18]  Brent Waters,et al.  Privacy in Encrypted Content Distribution Using Private Broadcast Encryption , 2006, Financial Cryptography.

[19]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[20]  Mihir Bellare,et al.  Robust Encryption , 2010, TCC.