The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
L'attaque d'ouverture sélective du récepteur (RSO) pour le chiffrement à clé publique (PKE) capture une situation dans laquelle un expéditeur envoie des messages à plusieurs destinataires, un adversaire peut corrompre un ensemble de récepteurs et obtenir leurs messages et leurs clés secrètes. La sécurité contre les attaques RSO pour un schéma PKE garantit la confidentialité des textes chiffrés d'autres récepteurs non corrompus. Parmi toutes les notions de sécurité RSO, la sécurité RSO basée sur la simulation contre les attaques de texte chiffré choisi (sécurité SIM-RSO-CCA) est la notion la plus forte. Dans cet article, nous explorons les constructions de PKE sécurisée SIM-RSO-CCA à partir de diverses hypothèses informatiques. Pour atteindre cet objectif, nous montrons qu'un schéma PKE sécurisé SIM-RSO-CCA peut être construit sur la base d'un schéma PKE sécurisé IND-CPA et d'un argument de connaissance nulle non interactive de vérificateur désigné (DV-NIZK) satisfaisant une simulation ponctuelle. solidité. De plus, nous donnons la première construction de l’argument DV-NIZK satisfaisant la solidité d’une simulation ponctuelle. Par conséquent, grâce à notre construction générique, nous obtenons le premier schéma PKE sécurisé SIM-RSO-CCA sous l’hypothèse informatique de Diffie-Hellman (CDH) ou d’apprentissage de parité avec bruit (LPN).
Yi LU
Tokyo Institute of Technology,National Institute of Advanced Industrial Science and Technology (AIST)
Keisuke HARA
Tokyo Institute of Technology,National Institute of Advanced Industrial Science and Technology (AIST)
Keisuke TANAKA
Tokyo Institute of Technology
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Yi LU, Keisuke HARA, Keisuke TANAKA, "Receiver Selective Opening CCA Secure Public Key Encryption from Various Assumptions" in IEICE TRANSACTIONS on Fundamentals,
vol. E104-A, no. 9, pp. 1206-1218, September 2021, doi: 10.1587/transfun.2020DMP0009.
Abstract: Receiver selective opening (RSO) attack for public key encryption (PKE) captures a situation where one sender sends messages to multiple receivers, an adversary can corrupt a set of receivers and get their messages and secret keys. Security against RSO attack for a PKE scheme ensures confidentiality of other uncorrupted receivers' ciphertexts. Among all of the RSO security notions, simulation-based RSO security against chosen ciphertext attack (SIM-RSO-CCA security) is the strongest notion. In this paper, we explore constructions of SIM-RSO-CCA secure PKE from various computational assumptions. Toward this goal, we show that a SIM-RSO-CCA secure PKE scheme can be constructed based on an IND-CPA secure PKE scheme and a designated-verifier non-interactive zero-knowledge (DV-NIZK) argument satisfying one-time simulation soundness. Moreover, we give the first construction of DV-NIZK argument satisfying one-time simulation soundness. Consequently, through our generic construction, we obtain the first SIM-RSO-CCA secure PKE scheme under the computational Diffie-Hellman (CDH) or learning parity with noise (LPN) assumption.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2020DMP0009/_p
Copier
@ARTICLE{e104-a_9_1206,
author={Yi LU, Keisuke HARA, Keisuke TANAKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Receiver Selective Opening CCA Secure Public Key Encryption from Various Assumptions},
year={2021},
volume={E104-A},
number={9},
pages={1206-1218},
abstract={Receiver selective opening (RSO) attack for public key encryption (PKE) captures a situation where one sender sends messages to multiple receivers, an adversary can corrupt a set of receivers and get their messages and secret keys. Security against RSO attack for a PKE scheme ensures confidentiality of other uncorrupted receivers' ciphertexts. Among all of the RSO security notions, simulation-based RSO security against chosen ciphertext attack (SIM-RSO-CCA security) is the strongest notion. In this paper, we explore constructions of SIM-RSO-CCA secure PKE from various computational assumptions. Toward this goal, we show that a SIM-RSO-CCA secure PKE scheme can be constructed based on an IND-CPA secure PKE scheme and a designated-verifier non-interactive zero-knowledge (DV-NIZK) argument satisfying one-time simulation soundness. Moreover, we give the first construction of DV-NIZK argument satisfying one-time simulation soundness. Consequently, through our generic construction, we obtain the first SIM-RSO-CCA secure PKE scheme under the computational Diffie-Hellman (CDH) or learning parity with noise (LPN) assumption.},
keywords={},
doi={10.1587/transfun.2020DMP0009},
ISSN={1745-1337},
month={September},}
Copier
TY - JOUR
TI - Receiver Selective Opening CCA Secure Public Key Encryption from Various Assumptions
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1206
EP - 1218
AU - Yi LU
AU - Keisuke HARA
AU - Keisuke TANAKA
PY - 2021
DO - 10.1587/transfun.2020DMP0009
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E104-A
IS - 9
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - September 2021
AB - Receiver selective opening (RSO) attack for public key encryption (PKE) captures a situation where one sender sends messages to multiple receivers, an adversary can corrupt a set of receivers and get their messages and secret keys. Security against RSO attack for a PKE scheme ensures confidentiality of other uncorrupted receivers' ciphertexts. Among all of the RSO security notions, simulation-based RSO security against chosen ciphertext attack (SIM-RSO-CCA security) is the strongest notion. In this paper, we explore constructions of SIM-RSO-CCA secure PKE from various computational assumptions. Toward this goal, we show that a SIM-RSO-CCA secure PKE scheme can be constructed based on an IND-CPA secure PKE scheme and a designated-verifier non-interactive zero-knowledge (DV-NIZK) argument satisfying one-time simulation soundness. Moreover, we give the first construction of DV-NIZK argument satisfying one-time simulation soundness. Consequently, through our generic construction, we obtain the first SIM-RSO-CCA secure PKE scheme under the computational Diffie-Hellman (CDH) or learning parity with noise (LPN) assumption.
ER -