Paper 2016/530

Generic Semantic Security against a Kleptographic Adversary

Alexander Russell, Qiang Tang, Moti Yung, and Hong-Sheng Zhou

Abstract

Notable recent security incidents have generated intense interest in adversaries which attempt to subvert---perhaps covertly---crypto\-graphic algorithms. In this paper we develop (IND-CPA) Semantically Secure encryption in this challenging setting. This fundamental encryption primitive has been previously studied in the ``kleptographic setting,'' though existing results must relax the model by introducing trusted components or otherwise constraining the subversion power of the adversary: designing a Public Key System that is kletographically semantically secure (with minimal trust) has remained elusive to date. In this work, we finally achieve such systems, even when all relevant cryptographic algorithms are subject to adversarial (kleptographic) subversion. To this end we exploit novel inter-component randomized cryptographic checking techniques (with an offline checking component), combined with common and simple software engineering modular programming techniques (applied to the system's black box specification level). Moreover, our methodology yields a strong generic technique for the preservation of any semantically secure cryptosystem when incorporated into the strong kleptographic adversary setting.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Minor revision. ACM CCS 2017
Contact author(s)
acr @ cse uconn edu
qiang @ njit edu
moti @ cs columbia edu
hszhou @ vcu edu
History
2018-09-16: last of 4 revisions
2016-05-31: received
See all versions
Short URL
https://ia.cr/2016/530
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/530,
      author = {Alexander Russell and Qiang Tang and Moti Yung and Hong-Sheng Zhou},
      title = {Generic Semantic Security against a Kleptographic Adversary},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/530},
      year = {2016},
      url = {https://eprint.iacr.org/2016/530}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.