Cryptology ePrint Archive: Report 2001/009

Robust key-evolving public key encryption schemes

Wen-Guey Tzeng, Zhi-Jia Tzeng

Abstract: We propose a key-evolving paradigm to deal with the key exposure problem of public key encryption schemes. The key evolving paradigm is like the one used for forward-secure digital signature schemes. Let time be divided into time periods such that at time period $j$, the decryptor holds the secret key $SK_j$, while the public key PK is fixed during its lifetime. At time period $j$, a sender encrypts a message $m$ as $\langle j, c\rangle$, which can be decrypted only with the private key $SK_j$. When the time makes a transit from period $j$ to $j+1$, the decryptor updates its private key from $SK_j$ to $SK_{j+1}$ and deletes $SK_j$ immediately. The key-evolving paradigm assures that compromise of the private key $SK_j$ does not jeopardize the message encrypted at the other time periods. \par We propose two key-evolving public key encryption schemes with $z$-resilience such that compromise of $z$ private keys does not affect confidentiality of messages encrypted in other time periods. Assuming that the DDH problem is hard, we show one scheme semantically secure against passive adversaries and the other scheme semantically secure against the adaptive chosen ciphertext attack under the random oracle.

Category / Keywords: public-key cryptography / public-key cryptography, key-evolving, forward scurity

Publication Info: manuscript

Date: received 11 Feb 2001

Contact author: tzeng at cis nctu edu tw

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Version: 20010217:223010 (All versions of this report)

Short URL: ia.cr/2001/009

Discussion forum: Show discussion | Start new discussion