Tightly SIM-SO-CCA Secure Public Key Encryption from Standard Assumptions

Selective opening security (SO security) is desirable for public key encryption (PKE) in a multi-user setting. In a selective opening attack, an adversary receives a number of ciphertexts for possibly correlated messages, then it opens a subset of them and gets the corresponding messages together with the randomnesses used in the encryptions. SO security aims at providing security for the unopened ciphertexts. Among the existing simulation-based, selective opening, chosen ciphertext secure (SIM-SO-CCA secure) PKEs, only one (Libert et al. Crypto’17) enjoys tight security, which is reduced to the Non-Uniform LWE assumption. However, their public key and ciphertext are not compact.

[1]  Dennis Hofheinz,et al.  All-But-Many Lossy Trapdoor Functions , 2012, EUROCRYPT.

[2]  Kefei Chen,et al.  Sender-Equivocable Encryption Schemes Secure against Chosen-Ciphertext Attacks Revisited , 2015, Int. J. Appl. Math. Comput. Sci..

[3]  Ron Steinfeld,et al.  All-But-Many Lossy Trapdoor Functions and Selective Opening Chosen-Ciphertext Security from LWE , 2017, CRYPTO.

[4]  Tibor Jager,et al.  Public-Key Encryption with Simulation-Based Selective-Opening Security and Compact Ciphertexts , 2016, TCC.

[5]  Hoeteck Wee,et al.  Fully, (Almost) Tightly Secure IBE and Dual System Groups , 2013, CRYPTO.

[6]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[7]  Dennis Hofheinz,et al.  On definitions of selective opening security , 2012, IACR Cryptol. ePrint Arch..

[8]  Mihir Bellare,et al.  Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening , 2009, EUROCRYPT.

[9]  Brent Waters,et al.  Lossy Trapdoor Functions and Their Applications , 2011, SIAM J. Comput..

[10]  Rafail Ostrovsky,et al.  Lossy Encryption: Constructions from General Assumptions and Efficient Selective Opening Chosen Ciphertext Security , 2011, ASIACRYPT.

[11]  Shuai Han,et al.  Public-Key Encryption with Tight Simulation-Based Selective-Opening Security , 2018, Comput. J..

[12]  Moni Naor,et al.  Magic functions , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[13]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[14]  Yunlei Zhao,et al.  Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack , 2014, IACR Cryptol. ePrint Arch..

[15]  Kefei Chen,et al.  Fixing the Sender-Equivocable Encryption Scheme in Eurocrypt 2010 , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[16]  Ivan Damgård,et al.  Improved Non-committing Encryption Schemes Based on a General Complexity Assumption , 2000, Annual International Cryptology Conference.

[17]  Dennis Hofheinz,et al.  Kurosawa-Desmedt Meets Tight Security , 2017, CRYPTO.

[18]  Eike Kiltz,et al.  Encryption Schemes Secure against Chosen-Ciphertext Selective Opening Attacks , 2010, EUROCRYPT.

[19]  Kenneth G. Paterson,et al.  Simulation-Based Selective Opening CCA Security for PKE from Key Encapsulation Mechanisms , 2015, Public Key Cryptography.

[20]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[21]  Eike Kiltz,et al.  Tightly CCA-Secure Encryption Without Pairings , 2016, EUROCRYPT.