The Direction of Updatable Encryption does not Matter Much

Yao Jiang

Abstract: Updatable encryption schemes allow for key rotation on ciphertexts. A client outsourcing storage of encrypted data to a cloud server can change its encryption key. The cloud server can update the stored ciphertexts to the new key using only a token provided by the client.

This paper solves two open problems in updatable encryption, that of uni-directional vs. bi-directional updates, and post-quantum security.

The main result in this paper is to analyze the security notions based on uni- and bi-directional updates. Surprisingly, we prove that uni- and bi-directional variants of each security notion are equivalent.

The second result in this paper is to provide a new and highly efficient updatable encryption scheme based on the Decisional Learning with Errors assumption. This gives us post-quantum security. Our scheme is bi-directional, but because of our main result, this is sufficient.

Category / Keywords: cryptographic protocols / updatable encryption, cloud storage, key rotation, lattice-based cryptography, post-quantum cryptography

Date: received 27 May 2020, last revised 17 Jun 2020

Contact author: yao jiang at ntnu no

Version: 20200617:113057

