Paper 2018/016

New Techniques for Public Key Encryption with Sender Recovery

Murali Godi and Roopa Vishwanathan

Abstract

In this paper, we consider a scenario where a sender transmits ciphertexts to multiple receivers using a public-key encryption scheme, and at a later point of time, wants to retrieve the plaintexts, without having to request the receivers' help in decrypting the ciphertexts, and without having to locally store a separate recovery key for every receiver the sender interacts with. This problem, known as public key encryption with sender recovery has intuitive solutions based on hybrid encryption-based key encapsulation mechanism and data encapsulation mechanism (KEM/DEM) schemes. We propose a KEM/DEM-based solution that is CCA2-secure, allows for multiple receivers, only requires the receivers to be equipped with public/secret keypairs (the sender needs only a single symmetric recovery key), and uses an analysis technique called plaintext randomization that results in greatly simplified, clean, and intuitive proofs compared to prior work in this area. We instantiate our protocol for public key encryption with sender recovery with the Cramer-Shoup hybrid encryption scheme.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
public key encryption
Contact author(s)
roopav @ nmsu edu
History
2018-01-04: received
Short URL
https://ia.cr/2018/016
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/016,
      author = {Murali Godi and Roopa Vishwanathan},
      title = {New Techniques for Public Key Encryption with Sender Recovery},
      howpublished = {Cryptology ePrint Archive, Paper 2018/016},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/016}},
      url = {https://eprint.iacr.org/2018/016}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.