Data security against receiver corruptions: SOA security for receivers from simulatable DEMs

Abstract: Data security and privacy protection issues are the primary network security threats. The notion of selective opening security (SOA) for receivers addresses the following multi-user setting: there is one sender and multiple receivers. After receiving the challenge ciphertexts, the adversary is allowed to corrupt some of the receivers (e.g. via the Heartbleed attack) and so obtain the decryption keys corresponding to some of the challenge ciphertexts; SOA security for receivers requires that the ciphertexts of the uncorrupted receivers remain secure. The setting of receiver corruptions is much less studied than that of sender corruptions, where the corrupted senders expose their messages and the random coins employed during encryption. In this paper, we propose an approach to achieve simulation-based selective opening security for receivers under chosen-ciphertext attacks (RSIM-SO-CCA), with the help of the technique proposed by Heuer and Poettering at Asiacrypt 2016. Specifically, for a hybrid public-key encryption (PKE) scheme consisting of a blockcipher-based data encapsulation mechanism (DEM) and a key encapsulation mechanism (KEM), if the DEM and KEM meet some special properties, then the hybrid PKE scheme is RSIM-SO-CCA secure in the ideal cipher model.

[1] Dennis Hofheinz, et al. All-But-Many Lossy Trapdoor Functions, 2012, EUROCRYPT.

[2] Brent Waters, et al. Identity-Based Encryption Secure against Selective Opening Attack, 2011, TCC.

[3] Jian Shen, et al. Finger vein secure biometric template generation based on deep learning, 2018, Soft Comput.

[4] Xavier Boyen, et al. All-But-Many Lossy Trapdoor Functions from Lattices and Applications, 2017, CRYPTO.

[5] Robert H. Deng, et al. Attribute-Based Encryption With Verifiable Outsourced Decryption, 2013, IEEE Transactions on Information Forensics and Security.

[6] Eike Kiltz, et al. Encryption Schemes Secure against Chosen-Ciphertext Selective Opening Attacks, 2010, EUROCRYPT.

[7] Jian Shen, et al. Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks, 2018, J. Netw. Comput. Appl.

[8] Jonathan Katz, et al. Adaptively-Secure, Non-interactive Public-Key Encryption, 2005, TCC.

[9] Brent Waters, et al. Standard Security Does Not Imply Security against Selective-Opening, 2012, EUROCRYPT.

[10] Dennis Hofheinz, et al. On definitions of selective opening security, 2012, IACR Cryptol. ePrint Arch.

[11] Yunlei Zhao, et al. Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack, 2014, IACR Cryptol. ePrint Arch.

[12] Mihir Bellare, et al. Code-Based Game-Playing Proofs and the Security of Triple Encryption, 2004, IACR Cryptol. ePrint Arch.

[13] Nagiza F. Samatova, et al. Solving the maximum duo-preservation string mapping problem with linear programming, 2014, Theor. Comput. Sci.

[14] Jianfeng Ma, et al. Verifiable Computation over Large Database with Incremental Updates, 2014, IEEE Transactions on Computers.

[15] Kefei Chen, et al. Fixing the Sender-Equivocable Encryption Scheme in Eurocrypt 2010, 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[16] Jian Shen, et al. Anonymous and Traceable Group Data Sharing in Cloud Computing, 2018, IEEE Transactions on Information Forensics and Security.

[17] Xiaofeng Chen, et al. Secure Distributed Deduplication Systems with Improved Reliability, 2015, IEEE Trans. Computers.

[18] Jin Li, et al. Secure attribute-based data sharing for resource-limited users in cloud computing, 2018, Comput. Secur.

[19] Jin Li, et al. Identity-Based Encryption with Outsourced Revocation in Cloud Computing, 2015, IEEE Transactions on Computers.

[20] Jin Li, et al. Securely Outsourcing Attribute-Based Encryption with Checkability, 2014, IEEE Transactions on Parallel and Distributed Systems.

[21] Morris J. Dworkin, et al. SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, 2007.

[22] Morris J. Dworkin, et al. Recommendation for Block Cipher Modes of Operation: Methods and Techniques, 2001.

[23] Jin Li, et al. Privacy-preserving Naive Bayes classifiers secure against the substitution-then-comparison attack, 2018, Inf. Sci.

[24] Stanislaw Jarecki, et al. Adaptively Secure Threshold Cryptography: Introducing Concurrency, Removing Erasures, 2000, EUROCRYPT.

[25] Dan Boneh, et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[26] Bertram Poettering, et al. Selective Opening Security from Simulatable Data Encapsulation, 2016, ASIACRYPT.

[27] Jin Li, et al. Insight of the protection for data security under selective opening attacks, 2017, Inf. Sci.

[28] Ronald Cramer, et al. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption, 2001, EUROCRYPT.

[29] Kenneth G. Paterson, et al. Simulation-Based Selective Opening CCA Security for PKE from Key Encapsulation Mechanisms, 2015, Public Key Cryptography.

[30] Morris J. Dworkin. SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality, 2004.

[31] Pooya Farshim, et al. Generic Constructions of Identity-Based and Certificateless KEMs, 2008, Journal of Cryptology.

[32] Jin Li, et al. A Hybrid Cloud Approach for Secure Authorized Deduplication, 2015, IEEE Transactions on Parallel and Distributed Systems.

[33] Wenbin Chen, et al. Lattice-based linearly homomorphic signatures in the standard model, 2016, Theor. Comput. Sci.

[34] Mihir Bellare, et al. Encryption Schemes Secure under Selective Opening Attack, 2009, IACR Cryptol. ePrint Arch.

[35] Qixiang Mei, et al. Generic and Efficient Constructions of Attribute-Based Encryption with Verifiable Outsourced Decryption, 2016, IEEE Transactions on Dependable and Secure Computing.

[36] Tibor Jager, et al. On the Selective Opening Security of Practical Public-Key Encryption Schemes, 2015, Public Key Cryptography.

[37] Carmit Hazay, et al. Selective Opening Security for Receivers, 2015, ASIACRYPT.

[38] Dingding Jia, et al. Constructions Secure Against Receiver Selective Opening and Chosen Ciphertext Attacks, 2017, CT-RSA.

[39] Ron Steinfeld, et al. All-But-Many Lossy Trapdoor Functions and Selective Opening Chosen-Ciphertext Security from LWE, 2017, CRYPTO.

[40] Fucai Zhou, et al. Dynamic Fully Homomorphic encryption-based Merkle Tree for lightweight streaming authenticated data structures, 2018, J. Netw. Comput. Appl.

[41] Jianfeng Ma, et al. A remotely keyed file encryption scheme under mobile cloud computing, 2018, J. Netw. Comput. Appl.

[42] Mihir Bellare, et al. Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening, 2009, EUROCRYPT.

[43] Adam O'Neill, et al. Selective-Opening Security in the Presence of Randomness Failures, 2016, ASIACRYPT.

[44] Tibor Jager, et al. Public-Key Encryption with Simulation-Based Selective-Opening Security and Compact Ciphertexts, 2016, TCC.

[45] Ronald Cramer, et al. A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack, 1998, CRYPTO.

[46] Kefei Chen, et al. Non-malleability Under Selective Opening Attacks: Implication and Separation, 2015, ACNS.

[47] Jin Li, et al. Secure Deduplication with Efficient and Reliable Convergent Key Management, 2014, IEEE Transactions on Parallel and Distributed Systems.

[48] Hao Wang, et al. New directly revocable attribute-based encryption scheme and its application in cloud storage environment, 2016, Cluster Computing.

[49] Kefei Chen, et al. Sender-Equivocable Encryption Schemes Secure against Chosen-Ciphertext Attacks Revisited, 2015, Int. J. Appl. Math. Comput. Sci.

[50] Jianfeng Ma, et al. New Publicly Verifiable Databases with Efficient Updates, 2015, IEEE Transactions on Dependable and Secure Computing.

[51] Rafail Ostrovsky, et al. Lossy Encryption: Constructions from General Assumptions and Efficient Selective Opening Chosen Ciphertext Security, 2011, ASIACRYPT.