Cryptology ePrint Archive: Report 2013/876

Public-Key Encryption with Lazy Parties

Kenji Yasunaga

Abstract: In a public-key encryption scheme, if a sender is not concerned about the security of a message and is unwilling to generate costly randomness, the security of the encrypted message can be compromised. This is caused by the \emph{laziness} of the sender. In this work, we characterize \emph{lazy parties} in cryptography. Lazy parties are regarded as honest parties in a protocol, but they are not concerned about the security of the protocol in a certain situation. In such a situation, they behave in an honest-looking way, and are unwilling to do a costly task. We study, in particular, public-key encryption with lazy parties. Specifically, as the first step toward understanding the behavior of lazy parties in public-key encryption, we consider a rather simple setting in which the costly task is to generate randomness used in algorithms, and parties can choose either costly good randomness or cheap bad randomness. We model lazy parties as rational players who behaves rationally to maximize their utilities, and define a security game between lazy parties and an adversary. A secure encryption scheme requires that the game is conducted by lazy parties in a secure way if they follow a prescribed strategy, and the prescribed strategy is a good equilibrium solution for the game. Since a standard secure encryption scheme does not work for lazy parties, we present some public-key encryption schemes that are secure for lazy parties.

Category / Keywords: public-key encryption, rational cryptography, lazy party

Original Publication (with major differences): SCN 2012

Date: received 29 Dec 2013, last revised 27 Apr 2015

Contact author: yasunaga at se kanazawa-u ac jp

Available format(s): PDF | BibTeX Citation

Version: 20150428:055926 (All versions of this report)

Short URL: ia.cr/2013/876

Discussion forum: Show discussion | Start new discussion