Cryptology ePrint Archive: Report 2015/010
Simulation-based Selective Opening CCA Security for PKE from Key Encapsulation Mechanisms
Shengli Liu and Kenneth G. Paterson
Abstract: We study simulation-based, selective opening security against chosen-ciphertext attacks (SIM-SO-CCA security) for public key encryption (PKE). In a selective opening, chosen-ciphertext attack (SO-CCA), an adversary has access to a decryption oracle, sees a vector of ciphertexts, adaptively chooses to open some of them, and obtains the corresponding plaintexts and random coins used in the creation of the ciphertexts. The SIM-SO-CCA notion captures the security of unopened ciphertexts with respect to probabilistic polynomial-time (ppt) SO-CCA adversaries in a semantic way: what a ppt SO-CCA adversary can compute can also be simulated by a ppt simulator with access only to the opened messages. Building on techniques used to achieve weak deniable encryption and non-committing encryption, Fehr et al. (Eurocrypt 2010) presented an approach to constructing SIM-SO-CCA secure PKE from extended hash proof systems (EHPSs), collision-resistant hash functions and an information-theoretic primitive called Cross Authentication Codes (XACs). We generalize their approach by introducing a special type of Key Encapsulation Mechanism (KEM) and using it to build SIM-SO-CCA secure PKE. We investigate what properties are needed from the KEM to achieve SIM-SO-CCA security. We also give three instantiations of our construction. The first uses hash proof systems, the second relies on the n-Linear assumption, and the third uses indistinguishability obfuscation (iO) in combination with extracting, puncturable Pseudo-Random Functions in a similar way to Sahai and Waters (STOC 2014). Our results establish the existence of SIM-SO-CCA secure PKE assuming only the existence of one-way functions and iO. This result further highlights the simplicity and power of iO in constructing different cryptographic primitives.
Category / Keywords: public-key cryptography; selective opening
Original Publication (with major differences): IACR-PKC-2015
Date: received 6 Jan 2015, last revised 10 Jan 2015
Contact author: slliu at sjtu edu cn
Available format(s): PDF | BibTeX Citation
Note: An extended abstract of this paper will be published in the proceedings of the 18th International Conference on Practice and Theory in Public-Key Cryptography (PKC 2015). This is the full version.
Version: 20150110:074911 (All versions of this report)
Short URL: ia.cr/2015/010
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]