Internet service has enabled digital contents to be shared faster and easier, but on the other side it raised an issue of illegal copy of the digital contents. Public key encryption schemes solve this issue partially. However, there is still a weak point that the secret key is not completely protected; that is, public key encryption schemes suffer from illegal copy of secret keys (the key-cloni...

Proxy re-encryption is a useful concept and many proxy reencryption schemes have been proposed in the asymmetric encryption setting. In the asymmetric encryption setting, proxy re-encryption can be beautifully implemented because many operations are available to directly transform a cipher to another cipher without the proxy needs to access the plaintexts. However, in many situations, for a bet...

Functional Encryption: Constructions and Lower Bounds Sergey Gorbunov Master of Science Graduate Department of Computer Science University of Toronto 2012 Functional encryption is an emerging paradigm for public-key encryption that enables finegrained control of access to encrypted data. Given a secret key for a circuit C and an encryption of an input message x, a user should be able to learn t...

In an order-preserving encryption scheme, the encryption algorithm produces ciphertexts that preserve the order of their plaintexts. Order-preserving encryption schemes have been studied intensely in the last decade, and yet not much is known about the security of these schemes. Very recently, Boneh et al. (Eurocrypt 2015) introduced a generalization of order-preserving encryption, called order...

The primitive of deniable encryption was introduced by Canetti et al. (CRYPTO, 1997). Deniable encryption is an encryption scheme with the added feature that after transmitting a message m, both sender and receiver may produce random coins showing that the transmitted ciphertext was an encryption of any message m′ in the message space. Deniable encryption is a key tool for constructing incoerci...

Recently, Canetti, Halevi, and Katz showed a general method for constructing CCA-secure encryption schemes from identity-based encryption schemes in the standard model. We improve the efficiency of their construction, and show two specific instantiations of our resulting scheme which offer the most efficient encryption (and, in one case, key generation) of any CCA-secure encryption scheme to date.

We present a construction of a CCA2-secure encryption scheme from a plaintext aware, weakly simulatable public key encryption scheme. The notion of plaintext aware, weakly simulatable public key encryption has been considered previously by Myers, Sergi and shelat (SCN, 2012) and natural encryption schemes such as the Damg̊ard Elgamal Scheme (Damg̊ard, Crypto, 1991) and the Cramer-Shoup Lite Schem...