Cryptology ePrint Archive: Report 2013/704

Adaptive Witness Encryption and Asymmetric Password-based Cryptography

Mihir Bellare and Viet Tung Hoang

Abstract: We show by counter-example that the soundness security requirement for witness encryption given by Garg, Gentry, Sahai and Waters (STOC 2013) does not suffice for the security of their own applications. We introduce adaptively-sound (AS) witness encryption to fill the gap. We then introduce asymmetric password-based encryption (A-PBE). This offers gains over classical, symmetric password-based encryption in the face of attacks that compromise servers to recover hashed passwords. We distinguish between invasive A-PBE schemes (they introduce new password-based key-derivation functions) and non-invasive ones (they can use existing, deployed password-based key-derivation functions). We give simple and efficient invasive A-PBE schemes and use AS-secure witness encryption to give non-invasive A-PBE schemes.

Category / Keywords: foundations / Passwords, witness encryption

Original Publication (with major differences): IACR-PKC-2015

Date: received 28 Oct 2013, last revised 11 Feb 2015

Contact author: vth005 at eng ucsd edu

Available format(s): PDF | BibTeX Citation

Version: 20150212:020642 (All versions of this report)

Short URL: ia.cr/2013/704

Discussion forum: Show discussion | Start new discussion