Structure-Preserving Chosen-Ciphertext Security with Shorter Verifiable Ciphertexts
نویسندگان
چکیده
Structure-preserving cryptography is a world where messages, signatures, ciphertexts and public keys are entirely made of elements of a group over which a bilinear map is efficiently computable. While structure-preserving signatures have received much attention the last 6 years, structure-preserving encryption schemes have undergone slower development. In particular, the best known structure-preserving cryptosystems with chosen-ciphertext (IND-CCA2) security either rely on symmetric pairings or require long ciphertexts comprised of hundreds of group elements or do not provide publicly verifiable ciphertexts. We provide a publicly verifiable construction based on the SXDH assumption in asymmetric bilinear groups e : G× Ĝ→ GT , which features relatively short ciphertexts. For typical parameters, our ciphertext size amounts to less than 40 elements of G. As a second contribution, we provide a structure-preserving encryption scheme with perfectly randomizable ciphertexts and replayable chosen-ciphertext security. Our new RCCAsecure system significantly improves upon the best known system featuring similar properties in terms of ciphertext size.
منابع مشابه
Publicly Verifiable Ciphertexts
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistinguishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can ...
متن کاملChosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman
We propose a practical key encapsulation mechanism with a simple and intuitive design concept. Security against chosen-ciphertext attacks can be proved in the standard model under a new assumption, the Gap Hashed Diffie-Hellman (GHDH) assumption. The security reduction is tight and simple. Secure key encapsulation, combined with an appropriately secure symmetric encryption scheme, yields a hybr...
متن کاملSemi-order preserving encryption
Order preserving encryption (OPE) is a kind of encryption designed to support searches on ciphertexts. OPE encrypts plaintexts to ciphertexts with the same order, making it possible to efficiently compare ciphertexts without decryption. Because of its efficiency, OPE has been used in systems aimed at practical use. However, even though many OPE schemes have been proposed, all suffer from securi...
متن کاملSimple and efficient threshold cryptosystem from the Gap Diffie-Hellman group
In this paper, we construct a new threshold cryptosystem from the Gap Diffie-Hellman (GDH) group. The proposed scheme enjoys all the most important properties that a robust and practical threshold cryptosystem should possess, that is, it is noninteractive, computationally efficient and provably secure against adaptive chosen ciphertext attacks. In addition, thanks to the elegant structure of th...
متن کاملCCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts
In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a set of n receivers and a threshold t, and then encrypts a message by using the public keys of all the receivers, in such a way that the original plaintext can be recovered only if at least t receivers cooperate. Previously proposed threshold broadcast encryption schemes have ciphertexts whose length is at least n + O(1). In...
متن کامل