Cryptology ePrint Archive: Report 2014/876

Resisting Randomness Subversion: Fast Deterministic and Hedged Public-key Encryption in the Standard Model

Mihir Bellare and Viet Tung Hoang

Abstract: This paper provides the first efficient, standard-model, fully-secure schemes for some related and challenging forms of public-key encryption (PKE), namely deterministic and hedged PKE. These forms of PKE defend against subversion of random number generators, an end given new urgency by recent revelations on the nature and extent of such subversion. We resolve the (recognized) technical challenges in reaching these goals via a new paradigm that combines UCEs (universal computational extractors) with LTDFs (lossy trapdoor functions). Crucially, we rely only on a weak form of UCE, namely security for statistically (rather than computationally) unpredictable sources. We then define and achieve unique-ciphertext PKE as a way to defend against implementation subversion via algorithm-substitution attacks.

Category / Keywords: Deterministic encryption, Hedged encryption, randomness, subversion

Original Publication (with major differences): IACR-EUROCRYPT-2015

Date: received 22 Oct 2014, last revised 11 Feb 2015

Contact author: tvhoang at umd edu

Available format(s): PDF | BibTeX Citation

Version: 20150212:010150 (All versions of this report)

Short URL: ia.cr/2014/876

Discussion forum: Show discussion | Start new discussion