Paper 2021/221
The Direction of Updatable Encryption Does Matter
Abstract
We introduce a new definition for key updates, called backward-leak uni-directional key updates, in updatable encryption (UE). This notion is a variant of uni-directional key updates for UE. We show that existing secure UE schemes in the bi-directional key updates setting are not secure in the backward-leak uni-directional key updates setting. Thus, security in the backward-leak uni-directional key updates setting is strictly stronger than security in the bi-directional key updates setting. This result is in sharp contrast to the equivalence theorem by Jiang (Asiacrypt 2020), which says security in the bi-directional key updates setting is equivalent to security in the existing uni-directional key updates setting. We call the existing uni-directional key updates ``forward-leak uni-directional'' key updates to distinguish two types of uni-directional key updates in this paper. We also present a UE scheme that is secure in the backward-leak uni-directional key updates setting under the learning with errors assumption.
Note: Retracted the obfuscation-based construction. (2024/4/18) Publication information and presentation improvement. (12/21/2021) Fixing a minor issue in definitions. (11/25/2021) The presentation was improved. (9/16/2021)
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in PKC 2022
- Keywords
- updatable encryptionkey updatelattice
- Contact author(s)
- ryo nishimaki @ ntt com
- History
- 2024-04-19: last of 8 revisions
- 2021-03-02: received
- See all versions
- Short URL
- https://ia.cr/2021/221
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/221,
author = {Ryo Nishimaki},
title = {The Direction of Updatable Encryption Does Matter},
howpublished = {Cryptology {ePrint} Archive, Paper 2021/221},
year = {2021},
url = {https://eprint.iacr.org/2021/221}
}
