Paper 2011/109

Secure Blind Decryption

Matthew Green

Abstract

In this work we construct public key encryption schemes that admit a protocol for /blindly/ decrypting ciphertexts. In a blind decryption protocol, a user with a ciphertext interacts with a secret keyholder such that the user obtains the decryption of the ciphertext and the keyholder learns nothing about what it decrypted. While we are not the first to consider this problem, previous works provided only weak security guarantees against malicious users. We provide, to our knowledge, the first practical blind decryption schemes that are secure under a strong CCA security definition. We prove our construction secure in the standard model under simple, well-studied assumptions in bilinear groups. To motivate the usefulness of this primitive we discuss several applications including privacy-preserving distributed file systems and Oblivious Transfer schemes that admit /public/ contribution.

Note: This full version contains a significantly more detailed explanation of constructions, detailed proofs of security, and an extended applications section. It also corrects a typographical error in the F-signature construction.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. This is a full version of a paper that appears in the proceedings of PKC 2011.
Keywords
public-key encryptionprivacy-preserving protocolssignaturesbilinear maps
Contact author(s)
matthewdgreen @ gmail com
History
2011-03-05: received
Short URL
https://ia.cr/2011/109
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/109,
      author = {Matthew Green},
      title = {Secure Blind Decryption},
      howpublished = {Cryptology ePrint Archive, Paper 2011/109},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/109}},
      url = {https://eprint.iacr.org/2011/109}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.