Cryptology ePrint Archive: Report 2022/256

Multi-Designated Receiver Signed Public Key Encryption

Ueli Maurer and Christopher Portmann and Guilherme Rito

Abstract: This paper introduces a new type of public-key encryption scheme, called Multi-Designated Receiver Signed Public Key Encryption (MDRS-PKE), which allows a sender to select a set of designated receivers and both encrypt and sign a message that only these receivers will be able to read and authenticate (confidentiality and authenticity). An MDRS-PKE scheme provides several additional security properties which allow for a fundamentally new type of communication not considered before. Namely, it satisfies consistency---a dishonest sender cannot make different receivers receive different messages---off-the-record---a dishonest receiver cannot convince a third party of what message was sent (e.g., by selling their secret key), because dishonest receivers have the ability to forge signatures---and anonymity---parties that are not in the set of designated receivers cannot identify who the sender and designated receivers are.

We give a construction of an MDRS-PKE scheme from standard assumptions. At the core of our construction lies yet another new type of public-key encryption scheme, which is of independent interest: Public Key Encryption for Broadcast (PKEBC) which provides all the security guarantees of MDRS-PKE schemes, except authenticity.

We note that MDRS-PKE schemes give strictly more guarantees than Multi-Designated Verifier Signatures (MDVS) schemes with privacy of identities. This in particular means that our MDRS-PKE construction yields the first MDVS scheme with privacy of identities from standard assumptions. The only prior construction of such schemes was based on Verifiable Functional Encryption for general circuits (Damgå rd et al., TCC '20).

Category / Keywords: public-key cryptography / Consistency, Off-The-Record, Encryption Schemes, Designated Receiver, Signatures

Original Publication (with major differences): IACR-EUROCRYPT-2022

Date: received 26 Feb 2022

Contact author: guilherme teixeira rito at gmail com, guilherme teixeira at inf ethz ch, chportma at gmail com, maurer at inf ethz ch

Available format(s): PDF | BibTeX Citation

Version: 20220302:140106 (All versions of this report)

Short URL: ia.cr/2022/256


[ Cryptology ePrint archive ]