Paper 2015/860

Selective Opening Security for Receivers

Carmit Hazay, Arpita Patra, and Bogdan Warinschi

Abstract

In a selective opening (SO) attack an adversary breaks into a subset of honestly created ciphertexts and tries to learn information on the plaintexts of some untouched (but potentially related) ciphertexts. Contrary to intuition, standard security notions do not always imply security against this type of adversary, making SO security an important standalone goal. In this paper we study {\em receiver security}, where the attacker is allowed to obtain the decryption keys corresponding to some of the ciphertexts. First we study the relation between two existing security definitions, one based on simulation and the other based on indistinguishability, and show that the former is strictly stronger. We continue with feasibility results for both notions which we show can be achieved from (variants of) non-committing encryption schemes. In particular, we show that indistinguishability-based SO security can be achieved from a tweaked variant of non-committing encryption which, in turn, can be instantiated from a variety of basic, well-established, assumptions. We conclude our study by showing that SO security is however strictly weaker than all variants of non-committing encryption that we consider, leaving potentially more efficient constructions as an interesting open problem.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2015
Keywords
Selective Opening AttacksEncryption SchemesNon-committing Encryption
Contact author(s)
arpitapatra10 @ gmail com
carmit hazay @ gmail com
bogdan @ compsci bristol ac uk
History
2015-09-15: revised
2015-09-06: received
See all versions
Short URL
https://ia.cr/2015/860
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/860,
      author = {Carmit Hazay and Arpita Patra and Bogdan Warinschi},
      title = {Selective Opening Security for Receivers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/860},
      year = {2015},
      url = {https://eprint.iacr.org/2015/860}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.