论文信息 - Efficient chosen-ciphertext secure public-key encryption scheme with high leakage-resilience

Efficient chosen-ciphertext secure public-key encryption scheme with high leakage-resilience

A leakage-resilient public-key encryption (PKE) scheme provides security even if an adversary obtains some information on the secret key. In recent years, much attention has been focused on designing provably secure PKE in the presence of key-leakage and almost all the constructions rely on an important building block namely hash proof system (HPS). However, in the setting of adaptive chosen-ciphertext attacks (CCA2), there are not many HPS-based leakage-resilient PKE schemes available. Moreover, most of them have an unsatisfactory leakage rate. In this study, the authors propose a new method of constructing leakage-resilient CCA2-secure PKE scheme from any tag-based strongly universal 2 HPS. The striking advantage of the authors scheme is the leakage rate, which is the best one among all known HPS-based indistinguishability key leakage CCA2-secure constructions. In particular, they present an instantiation under the n -linear assumption. In the cases of n = 1 (resp. n = 2), they actually obtain a decisional Diffie-Hellman (DDH)-based [resp. decisional linear (DLIN)-based] PKE scheme, where the leakage rate can be made to 1/4 (resp. 1/6). The authors DDH-based scheme achieves the best leakage rate among all known DDH-based (Cramer-Shoup-type) schemes. Their DLIN-based scheme is the first one that can achieve leakage of L /6 bits without pairing, where L is the length of the secret key.

[1] Yevgeniy Dodis,et al. Cryptography against Continuous Memory Attacks , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[2] Amit Sahai,et al. Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[3] Ronald Cramer,et al. Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack , 2003, SIAM J. Comput..

[4] Siu-Ming Yiu,et al. Identity-Based Encryption Resilient to Continual Auxiliary Leakage , 2012, EUROCRYPT.

[5] Moni Naor,et al. Public-Key Cryptosystems Resilient to Key Leakage , 2012, SIAM J. Comput..

[6] Moni Naor,et al. Nonmalleable Cryptography , 2000, SIAM Rev..

[7] Rafail Ostrovsky,et al. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[8] Kaoru Kurosawa,et al. New leakage-resilient CCA-secure public key encryption , 2013, J. Math. Cryptol..

[9] Xianhui Lu,et al. Improved efficiency of Kiltz07-KEM , 2009, Inf. Process. Lett..

[10] Ronald Cramer,et al. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[11] Yael Tauman Kalai,et al. Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.