Cryptology ePrint Archive: Report 2008/440

Robust Encryption

Michel Abdalla and Mihir Bellare and Gregory Neven

Abstract: We provide a provable-security treatment of ``robust'' encryption. Robustness means it is hard to produce a ciphertext that is valid for two different users. Robustness makes explicit a property that has been implicitly assumed in the past. We argue that it is an essential conjunct of anonymous encryption. We show that natural anonymity-preserving ways to achieve it, such as adding recipient identification information before encrypting, fail. We provide transforms that do achieve it, efficiently and provably. We assess the robustness of specific encryption schemes in the literature, providing simple patches for some that lack the property. We discuss applications including PEKS (Public-key Encryption with Keyword Search) and auctions. Overall our work enables safer and simpler use of encryption.

Category / Keywords: IBE, public-key encryption, searchable encryption, auctions, CCA security.

Original Publication (with major differences): IACR-TCC-2010
DOI: 10.1007/978-3-642-11799-2_28

Date: received 13 Oct 2008, last revised 23 Dec 2016

Contact author: michel abdalla at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20161224:011518 (All versions of this report)

Short URL: ia.cr/2008/440

Discussion forum: Show discussion | Start new discussion