Paper 2021/221

The Direction of Updatable Encryption Does Matter

Ryo Nishimaki

Abstract

We introduce a new definition for key updates, called backward-leak uni-directional key updates, in updatable encryption (UE). This notion is a variant of uni-directional key updates for UE. We show that existing secure UE schemes in the bi-directional key updates setting are not secure in the backward-leak uni-directional key updates setting. Thus, security in the backward-leak uni-directional key updates setting is strictly stronger than security in the bi-directional key updates setting. This result is in sharp contrast to the equivalence theorem by Jiang (Asiacrypt 2020), which says security in the bi-directional key updates setting is equivalent to security in the existing uni-directional key updates setting. We call the existing uni-directional key updates ``forward-leak uni-directional'' key updates to distinguish two types of uni-directional key updates in this paper. We also present two UE schemes with the following features. - The first scheme is post-quantum secure in the backward-leak uni-directional key updates setting under the learning with errors assumption. - The second scheme is secure in the no-directional key updates setting and based on indistinguishability obfuscation and one-way functions. This result solves the open problem left by Jiang (Asiacrypt 2020).

Note: Publication information and presentation improvement. (12/21/2021) Fixing a minor issue in definitions. (11/25/2021) The presentation was improved. (9/16/2021)

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in PKC 2022
Keywords
updatable encryptionkey updatelattice
Contact author(s)
ryo nishimaki zk @ hco ntt co jp
History
2021-12-21: last of 7 revisions
2021-03-02: received
See all versions
Short URL
https://ia.cr/2021/221
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/221,
      author = {Ryo Nishimaki},
      title = {The Direction of Updatable Encryption Does Matter},
      howpublished = {Cryptology ePrint Archive, Paper 2021/221},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/221}},
      url = {https://eprint.iacr.org/2021/221}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.