Cryptology ePrint Archive: Report 2008/440
Robust Encryption
Michel Abdalla and Mihir Bellare and Gregory Neven
Abstract: We provide a provable-security treatment of ``robust''
encryption. Robustness means it is hard to produce a ciphertext that
is valid for two different users. Robustness makes explicit a
property that has been implicitly assumed in the past. We argue that
it is an essential conjunct of anonymous encryption. We show that
natural anonymity-preserving ways to achieve it, such as adding
recipient identification information before encrypting, fail. We
provide transforms that do achieve it, efficiently and provably. We
assess the robustness of specific encryption schemes in the
literature, providing simple patches for some that lack the property.
We discuss applications including
PEKS (Public-key Encryption with Keyword Search) and auctions.
Overall our work enables safer and simpler
use of encryption.
Category / Keywords: IBE, public-key encryption, searchable encryption, auctions, CCA security.
Original Publication (with major differences): IACR-TCC-2010
DOI: 10.1007/978-3-642-11799-2_28
Date: received 13 Oct 2008, last revised 23 Dec 2016
Contact author: michel abdalla at ens fr
Available format(s): PDF | BibTeX Citation
Version: 20161224:011518 (All versions of this report)
Short URL: ia.cr/2008/440
[ Cryptology ePrint archive ]