Paper 2011/109
Secure Blind Decryption
Matthew Green
Abstract
In this work we construct public key encryption schemes that admit a protocol for /blindly/ decrypting ciphertexts. In a blind decryption protocol, a user with a ciphertext interacts with a secret keyholder such that the user obtains the decryption of the ciphertext and the keyholder learns nothing about what it decrypted. While we are not the first to consider this problem, previous works provided only weak security guarantees against malicious users. We provide, to our knowledge, the first practical blind decryption schemes that are secure under a strong CCA security definition. We prove our construction secure in the standard model under simple, well-studied assumptions in bilinear groups. To motivate the usefulness of this primitive we discuss several applications including privacy-preserving distributed file systems and Oblivious Transfer schemes that admit /public/ contribution.
Note: This full version contains a significantly more detailed explanation of constructions, detailed proofs of security, and an extended applications section. It also corrects a typographical error in the F-signature construction.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. This is a full version of a paper that appears in the proceedings of PKC 2011.
- Keywords
- public-key encryptionprivacy-preserving protocolssignaturesbilinear maps
- Contact author(s)
- matthewdgreen @ gmail com
- History
- 2011-03-05: received
- Short URL
- https://ia.cr/2011/109
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2011/109, author = {Matthew Green}, title = {Secure Blind Decryption}, howpublished = {Cryptology {ePrint} Archive, Paper 2011/109}, year = {2011}, url = {https://eprint.iacr.org/2011/109} }