Cryptology ePrint Archive: Report 2013/704
Adaptive Witness Encryption and Asymmetric Password-based Cryptography
Mihir Bellare and Viet Tung Hoang
Abstract: We show by counter-example that the soundness security requirement for witness encryption given by Garg, Gentry, Sahai and Waters (STOC 2013) does not suffice for the security of their own applications. We introduce adaptively-sound (AS) witness encryption to fill the gap. We then introduce asymmetric password-based encryption (A-PBE). This offers gains over classical, symmetric password-based encryption in the face of attacks that compromise servers to recover hashed passwords. We distinguish between invasive A-PBE schemes (they introduce new password-based key-derivation functions) and non-invasive ones (they can use existing, deployed password-based key-derivation functions). We give simple and efficient invasive A-PBE schemes and use AS-secure witness encryption to give non-invasive A-PBE schemes.
Category / Keywords: foundations / Passwords, witness encryption
Original Publication (with major differences): IACR-PKC-2015
Date: received 28 Oct 2013, last revised 11 Feb 2015
Contact author: vth005 at eng ucsd edu
Version: 20150212:020642
Short URL: ia.cr/2013/704