Paper 2002/060
A Forward-Secure Public-Key Encryption Scheme
Jonathan Katz
Abstract
Cryptographic computations are often carried out on insecure devices for which the threat of key exposure represents a serious and realistic concern. In an effort to mitigate the damage caused by exposure of secret data stored on such devices, the paradigm of \emph{forward security} was introduced. In this model, secret keys are updated at regular intervals throughout the lifetime of the system; furthermore, exposure of a secret key corresponding to a given interval does not enable an adversary to ``break'' the system (in the appropriate sense) for any \emph{prior} time period. A number of constructions of forward-secure digital signature schemes and symmetric-key schemes are known. We present the first construction of a forward-secure public-key encryption scheme whose security is based on the bilinear Diffie-Hellman assumption in the random oracle model. Our scheme can be extended to achieve chosen-ciphertext security at minimal additional cost. The construction we give is quite efficient: all parameters of the scheme grow (at most) poly-logarithmically with the total number of time periods.
Note: Superseded by the version appearing in Eurocrypt 2003 (a full version of which is available at http://eprint.iacr.org/2003/083).
Metadata
- Available format(s)
-
PDF
PS
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- forward-securityencryption
- Contact author(s)
- jkatz @ cs umd edu
- History
- 2003-05-02: last of 2 revisions
- 2002-05-24: received
- See all versions
- Short URL
- https://ia.cr/2002/060
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2002/060,
author = {Jonathan Katz},
title = {A Forward-Secure Public-Key Encryption Scheme},
howpublished = {Cryptology {ePrint} Archive, Paper 2002/060},
year = {2002},
url = {https://eprint.iacr.org/2002/060}
}
