We introduce and model the new primitive and present sufficient as well as necessary conditions for its generic implementation. We then develop an efficient novel number theoretic construction for group encryption of discrete logarithms whose complexity is independent of the group size. To achieve this we construct a new public-key encryption for discrete logarithms that satisfies CCA2-key-privacy and CCA2-security in the standard model. Applications of group encryption include settings where a user wishes to hide her preferred trusted third party or even impose a hidden hierarchy of trusted parties, or settings where verifiable well-formed ciphertexts are kept in a untrusted storage server that must be prevented from both learning the content of records as well as analyzing the identities of their retrievers.
Category / Keywords: public-key cryptography / Date: received 12 Jan 2007, last revised 19 Jan 2007 Contact author: aggelos at cse uconn edu Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20070119:210220 (All versions of this report) Short URL: ia.cr/2007/015 Discussion forum: Show discussion | Start new discussion