A Profitable Sub-prime Loan: Obtaining the Advantages of Composite Order in Prime-Order Bilinear Groups

Composite-order bilinear groups provide many structural features that are useful for both constructing cryptographic primitives and enabling security reductions. Despite these convenient features, however, composite-order bilinear groups are less desirable than prime-order bilinear groups for reasons of both efficiency and security. A recent line of work has therefore focused on translating these structural features from the composite-order to the prime-order setting; much of this work focused on two such features, projecting and canceling, in isolation, but a result due to Seo and Cheon showed that both features can be obtained simultaneously in the prime-order setting.
