Paper 2016/373

Adaptive partitioning

Dennis Hofheinz


We present a new strategy for partitioning proofs, and use it to obtain new tightly secure encryption schemes. Specifically, we provide the following two conceptual contributions: - A new strategy for tight security reductions that leads to compact public keys and ciphertexts. - A relaxed definition of non-interactive proof systems for non-linear (``OR-type'') languages. Our definition is strong enough to act as a central tool in our new strategy to obtain tight security, and is achievable both in pairing-friendly and DCR groups. We apply these concepts in a generic construction of a tightly secure public-key encryption scheme. When instantiated in different concrete settings, we obtain the following: - A public-key encryption scheme whose chosen-ciphertext security can be tightly reduced to the DLIN assumption in a pairing-friendly group. Ciphertexts, public keys, and system parameters contain 6, 24, and 2 group elements, respectively. This improves heavily upon a recent scheme of Gay et al. (Eurocrypt 2016) in terms of public key size, at the cost of using a symmetric pairing. - The first public-key encryption scheme that is tightly chosen-ciphertext secure under the DCR assumption. While the scheme is not very practical (ciphertexts carry 29 group elements), it enjoys constant-size parameters, public keys, and ciphertexts.

Note: 2016-04-26: Corrected typos, including a problem in the formulation of key extractors. (No change of the theorems or constructions.) 2016-06-03: More typos, including a mistake in the description of honest key derivation. (No change in the theorems.) 2016-06-08: Corrected flaw in DCR-based one-time signature construction. 2016-07-03: Corrected flaw in Lemma 2.3 (part of PKE proof). No changes in construction. Added outlines of PKE proofs and fixed many typos and inconsistencies. 2017-01-22: Incorporated reviewer comments (clarifications and minor presentation changes).

Available format(s)
Public-key cryptography
Publication info
A major revision of an IACR publication in EUROCRYPT 2017
Tight security reductionspairing-friendly groupsdecisional composite residuosity
Contact author(s)
Dennis Hofheinz @ kit edu
2017-01-22: last of 8 revisions
2016-04-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dennis Hofheinz},
      title = {Adaptive partitioning},
      howpublished = {Cryptology ePrint Archive, Paper 2016/373},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.