Paper 2017/843
Hybrid Encryption in a Multi-User Setting, Revisited
Federico Giacon, Eike Kiltz, and Bertram Poettering
Abstract
This paper contributes to understanding the interplay of security notions for PKE, KEMs, and DEMs, in settings with multiple users, challenges, and instances. We start analytically by first studying (a) the tightness aspects of the standard hybrid KEM+DEM encryption paradigm, (b) the inherent weak security properties of all deterministic DEMs due to generic key-collision attacks in the multi-instance setting, and (c) the negative effect of deterministic DEMs on the security of hybrid encryption. We then switch to the constructive side by (d) introducing the concept of an augmented data encapsulation mechanism (ADEM) that promises robustness against multi-instance attacks, (e) proposing a variant of hybrid encryption that uses an ADEM instead of a DEM to alleviate the problems of the standard KEM+DEM composition, and (f) constructing practical ADEMs that are secure in the multi-instance setting.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- hybrid encryptionmulti-user securitytightness
- Contact author(s)
- bertram poettering @ rub de
- History
- 2017-09-06: received
- Short URL
- https://ia.cr/2017/843
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/843, author = {Federico Giacon and Eike Kiltz and Bertram Poettering}, title = {Hybrid Encryption in a Multi-User Setting, Revisited}, howpublished = {Cryptology {ePrint} Archive, Paper 2017/843}, year = {2017}, url = {https://eprint.iacr.org/2017/843} }