Paper 2011/197

Public Key Encryption for the Forgetful

Puwen Wei, Yuliang Zheng, and Xiaoyun Wang

Abstract

We investigate public key encryption that allows the originator of a ciphertext to retrieve a ``forgotten'' plaintext from the ciphertext. This type of public key encryption with ``backward recovery'' contrasts more widely analyzed public key encryption with ``forward secrecy''. We advocate that together they form the two sides of a whole coin, whereby offering complementary roles in data security, especially in cloud computing, 3G/4G communications and other emerging computing and communication platforms. We formalize the notion of public key encryption with backward recovery, and present two construction methods together with formal analyses of their security. The first method embodies a generic public key encryption scheme with backward recovery using the ``encrypt then sign" paradigm, whereas the second method provides a more efficient scheme that is built on Hofheinz and Kiltz's public key encryption in conjunction with target collision resistant hashing. Security of the first method is proved in a two-user setting, whereas the second is in a more general multi-user setting.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
public key encryptionbackward recovery
Contact author(s)
pwei @ sdu edu cn
History
2011-04-25: received
Short URL
https://ia.cr/2011/197
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/197,
      author = {Puwen Wei and Yuliang Zheng and Xiaoyun Wang},
      title = {Public Key Encryption for the Forgetful},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/197},
      year = {2011},
      url = {https://eprint.iacr.org/2011/197}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.