### Obfuscation ==> (IND-CPA Security =/=> Circular Security)

Antonio Marcedone and Claudio Orlandi

##### Abstract

Circular security is an important notion for public-key encryption schemes and is needed by several cryptographic protocols. In circular security the adversary is given an extra hint'' consisting of a cycle of encryption of secret keys i.e., (E_{pk_1}(sk_2),..., E_{pk_n}(sk_1)). A natural question is whether every IND-CPA encryption scheme is also circular secure. It is trivial to see that this is not the case when n=1. In 2010 a separation for n=2 was shown by [ABBC10,GH10] under standard assumptions in bilinear groups. In this paper we finally settle the question showing that for every $n$ there exist an IND-CPA secure scheme which is not n-circular secure. Our result relies on the recent progress in program obfuscation.

Available format(s)
Category
Foundations
Publication info
Preprint. MINOR revision.
Keywords
Circular SecurityRelated Key AttackObfuscation.
Contact author(s)
orlandi @ cs au dk
History
2014-05-02: last of 5 revisions
See all versions
Short URL
https://ia.cr/2013/690

CC BY

BibTeX

@misc{cryptoeprint:2013/690,
author = {Antonio Marcedone and Claudio Orlandi},
title = {Obfuscation ==> (IND-CPA Security =/=> Circular Security)},
howpublished = {Cryptology ePrint Archive, Paper 2013/690},
year = {2013},
note = {\url{https://eprint.iacr.org/2013/690}},
url = {https://eprint.iacr.org/2013/690}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.