Paper 2018/1091

Simulation-based Receiver Selective Opening CCA Secure PKE from Standard Computational Assumptions

Keisuke Hara, Fuyuki Kitagawa, Takahiro Matsuda, Goichiro Hanaoka, and Keisuke Tanaka

Abstract

In the situation where there are one sender and multiple receivers, a receiver selective opening (RSO) attack for a public key encryption (PKE) scheme considers adversaries that can corrupt some of the receivers and get their secret keys and plaintexts. Security against RSO attacks for a PKE scheme ensures confidentiality of ciphertexts of uncorrupted receivers. Simulation-based RSO security against chosen ciphertext attacks (SIM-RSO-CCA) is the strongest security notion in all RSO attack scenarios. Jia, Lu, and Li (INDOCRYPT 2016) proposed the first SIM-RSO-CCA secure PKE scheme. However, their scheme used indistinguishablility obfuscation, which is not known to be constructed from any standard computational assumption. In this paper, we give two contributions for constructing SIM-RSO-CCA secure PKE from standard computational assumptions. Firstly, we propose a generic construction of SIM-RSO-CCA secure PKE using an IND-CPA secure PKE scheme and a non-interactive zero-knowledge proof system satisfying one-time simulation soundness. Secondly, we propose an efficient and concrete construction of SIM-RSO-CCA secure PKE based on the decisional Diffie-Hellman (DDH) assumption. Moreover, we give a method for efficiently expanding the plaintext space of the DDH-based construction. By applying this method to the construction, we obtain the first DDH-based SIM-RSO-CCA secure PKE scheme supporting a super-polynomially large plaintext space with compact ciphertexts.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Major revision. SCN2018
DOI
10.1007/978-3-319-98113-0_8
Keywords
public key encryptionreceiver selective opening securitychosen ciphertext security
Contact author(s)
hara k am @ m titech ac jp
History
2018-11-12: received
Short URL
https://ia.cr/2018/1091
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1091,
      author = {Keisuke Hara and Fuyuki Kitagawa and Takahiro Matsuda and Goichiro Hanaoka and Keisuke Tanaka},
      title = {Simulation-based Receiver Selective Opening CCA Secure PKE from Standard Computational Assumptions},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1091},
      year = {2018},
      doi = {10.1007/978-3-319-98113-0_8},
      note = {\url{https://eprint.iacr.org/2018/1091}},
      url = {https://eprint.iacr.org/2018/1091}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.