Paper 2008/440

Robust Encryption

Michel Abdalla, Mihir Bellare, and Gregory Neven

Abstract

We provide a provable-security treatment of ``robust'' encryption. Robustness means it is hard to produce a ciphertext that is valid for two different users. Robustness makes explicit a property that has been implicitly assumed in the past. We argue that it is an essential conjunct of anonymous encryption. We show that natural anonymity-preserving ways to achieve it, such as adding recipient identification information before encrypting, fail. We provide transforms that do achieve it, efficiently and provably. We assess the robustness of specific encryption schemes in the literature, providing simple patches for some that lack the property. We discuss applications including PEKS (Public-key Encryption with Keyword Search) and auctions. Overall our work enables safer and simpler use of encryption.

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in TCC 2010
DOI
10.1007/978-3-642-11799-2_28
Keywords
IBEpublic-key encryptionsearchable encryptionauctionsCCA security.
Contact author(s)
michel abdalla @ ens fr
History
2016-12-24: last of 5 revisions
2008-10-20: received
See all versions
Short URL
https://ia.cr/2008/440
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/440,
      author = {Michel Abdalla and Mihir Bellare and Gregory Neven},
      title = {Robust Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2008/440},
      year = {2008},
      doi = {10.1007/978-3-642-11799-2_28},
      note = {\url{https://eprint.iacr.org/2008/440}},
      url = {https://eprint.iacr.org/2008/440}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.