Cryptology ePrint Archive: Report 2011/109

Secure Blind Decryption

Matthew Green

Abstract: In this work we construct public key encryption schemes that admit a protocol for /blindly/ decrypting ciphertexts. In a blind decryption protocol, a user with a ciphertext interacts with a secret keyholder such that the user obtains the decryption of the ciphertext and the keyholder learns nothing about what it decrypted. While we are not the first to consider this problem, previous works provided only weak security guarantees against malicious users. We provide, to our knowledge, the first practical blind decryption schemes that are secure under a strong CCA security definition.

We prove our construction secure in the standard model under simple, well-studied assumptions in bilinear groups. To motivate the usefulness of this primitive we discuss several applications including privacy-preserving distributed file systems and Oblivious Transfer schemes that admit /public/ contribution.

Category / Keywords: public-key cryptography / public-key encryption, privacy-preserving protocols, signatures, bilinear maps

Publication Info: This is a full version of a paper that appears in the proceedings of PKC 2011.

Date: received 5 Mar 2011

Contact author: matthewdgreen at gmail com

Available format(s): PDF | BibTeX Citation

Note: This full version contains a significantly more detailed explanation of constructions, detailed proofs of security, and an extended applications section. It also corrects a typographical error in the F-signature construction.

Version: 20110305:175808 (All versions of this report)

Short URL: ia.cr/2011/109

Discussion forum: Show discussion | Start new discussion