Besides a security definition, we offer two reconfigurable encryption schemes, and one reconfigurable signature scheme. Our first reconfigurable encryption scheme uses indistinguishability obfuscation (however only in the CRS) to adaptively derive short-term keys from long-term keys. The security of long-term keys can be based on a one-way function, and the security of both the indistinguishability obfuscation and the actual encryption scheme can be increased on-the-fly, by changing the CRS. We stress that our scheme remains secure even if previous short-term secret keys are leaked.
Our second reconfigurable encryption scheme has a similar structure (and similar security properties), but relies on a pairing-friendly group instead of obfuscation. Its security is based on the recently introduced hierarchy of \(k\)-SCasc assumptions. Similar to the \(k\)-Linear assumption, it is known that \(k\)-SCasc implies \((k+1)\)-SCasc, and that this implication is proper in the generic group model. Our system allows to increase \(k\) on-the-fly, just by changing the CRS. In that sense, security can be increased without changing any long-term keys.
We also offer a reconfigurable signature scheme based on the same hierarchy of assumptions.Category / Keywords: public-key cryptography / long-term security, security definitions, public-key cryptography Original Publication (in the same form): IACR-TCC-2016 Date: received 28 Oct 2015 Contact author: julia hesse at kit edu Available format(s): PDF | BibTeX Citation Version: 20151029:213049 (All versions of this report) Short URL: ia.cr/2015/1047 Discussion forum: Show discussion | Start new discussion