Paper 2017/843

Hybrid Encryption in a Multi-User Setting, Revisited

Federico Giacon, Eike Kiltz, and Bertram Poettering

Abstract

This paper contributes to understanding the interplay of security notions for PKE, KEMs, and DEMs, in settings with multiple users, challenges, and instances. We start analytically by first studying (a) the tightness aspects of the standard hybrid KEM+DEM encryption paradigm, (b) the inherent weak security properties of all deterministic DEMs due to generic key-collision attacks in the multi-instance setting, and (c) the negative effect of deterministic DEMs on the security of hybrid encryption. We then switch to the constructive side by (d) introducing the concept of an augmented data encapsulation mechanism (ADEM) that promises robustness against multi-instance attacks, (e) proposing a variant of hybrid encryption that uses an ADEM instead of a DEM to alleviate the problems of the standard KEM+DEM composition, and (f) constructing practical ADEMs that are secure in the multi-instance setting.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
hybrid encryptionmulti-user securitytightness
Contact author(s)
bertram poettering @ rub de
History
2017-09-06: received
Short URL
https://ia.cr/2017/843
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/843,
      author = {Federico Giacon and Eike Kiltz and Bertram Poettering},
      title = {Hybrid Encryption in a Multi-User Setting, Revisited},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/843},
      year = {2017},
      url = {https://eprint.iacr.org/2017/843}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.