Paper 2023/1337
SoK: Public Key Encryption with Openings
Abstract
When modelling how public key encryption can enable secure communication, we should acknowledge that secret information, such as private keys or the randomness used for encryption, could become compromised. Intuitively, one would expect unrelated communication to remain secure, yet formalizing this intuition has proven challenging. Several security notions have appeared that aim to capture said scenario, ranging from the multi-user setting with corruptions, via selective opening attacks (SOA), to non-committing encryption (NCE). Remarkably, how the different approaches compare has not yet been systematically explored. We provide a novel framework that maps each approach to an underlying philosophy of confidentiality: indistinguishability versus simulatability based, each with an a priori versus an a posteriori variant, leading to four distinct philosophies. In the absence of corruptions, these notions are largely equivalent; yet, in the presence of corruptions, they fall into a hierarchy of relative strengths, from IND-CPA and IND-CCA at the bottom, via indistinguishability SOA and simulatability SOA, to NCE at the top. We provide a concrete treatment for the four notions, discuss subtleties in their definitions and asymptotic interpretations and identify limitations of each. Furthermore, we re-cast the main implications of the hierarchy in a concrete security framework, summarize and contextualize other known relations, identify open problems, and close a few gaps. We end on a survey of constructions known to achieve the various notions. We identify and name a generic random-oracle construction that has appeared in various guises to prove security in seemingly different contexts. It hails back to Bellare and Rogaway's seminal work on random oracles (CCS'93) and, as previously shown, suffices to meet one of the strongest notions of our hierarchy (single-user NCE with bi-openings).
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Selective Opening AttacksMulti-User SecurityNon-Committing EncryptionCorruptions
- Contact author(s)
-
carlob @ simula no
hans heum @ ntnu no
martijn @ simula no - History
- 2023-09-08: approved
- 2023-09-07: received
- See all versions
- Short URL
- https://ia.cr/2023/1337
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2023/1337, author = {Carlo Brunetta and Hans Heum and Martijn Stam}, title = {{SoK}: Public Key Encryption with Openings}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1337}, year = {2023}, url = {https://eprint.iacr.org/2023/1337} }