Paper 2008/164

On the (Im)Possibility of Key Dependent Encryption

Iftach Haitner and Thomas Holenstein

Abstract

We study the possibility of constructing encryption schemes secure under messages that are chosen depending on the key~k of the encryption scheme itself. We give the following separation results that hold both in the private and in the public key settings: \begin{itemize} \item Let~ be the family of -wise independent hash-functions. There exists no fully-black-box reduction from an encryption scheme secure against key-dependent messages to one-way permutations (and also to families of trapdoor permutations) if the adversary can obtain encryptions of~ for~. \item There exists no reduction from an encryption scheme secure against key-dependent messages to, essentially, \emph{any} cryptographic assumption, if the adversary can obtain an encryption of~ for an \emph{arbitrary} , as long as the reduction's proof of security treats both the adversary and the function as black boxes. \end{itemize}

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Will Appear in TCC 2009
Keywords
Key-dependent inputBlack-box separationsOne-way functions
Contact author(s)
iftachh @ gmail com
History
2008-12-29: revised
2008-04-14: received
See all versions
Short URL
https://ia.cr/2008/164
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/164,
      author = {Iftach Haitner and Thomas Holenstein},
      title = {On the (Im)Possibility of Key Dependent Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/164},
      year = {2008},
      url = {https://eprint.iacr.org/2008/164}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.