Paper 2023/1400
Efficient Updatable Public-Key Encryption from Lattices
Abstract
Updatable public key encryption has recently been introduced as a solution to achieve forward-security in the context of secure group messaging without hurting efficiency, but so far, no efficient lattice-based instantiation of this primitive is known. In this work, we construct the first LWE-based UPKE scheme with polynomial modulus-to-noise rate, which is CPA-secure in the standard model. At the core of our security analysis is a generalized reduction from the standard LWE problem to (a stronger version of) the Extended LWE problem. We further extend our construction to achieve stronger security notions by proposing two generic transforms. Our first transform allows to obtain CCA security in the random oracle model and adapts the Fujisaki-Okamoto transform to the UPKE setting. Our second transform allows to achieve security against malicious updates by adding a NIZK argument in the update mechanism. In the process, we also introduce the notion of Updatable Key Encapsulation Mechanism (UKEM), as the updatable variant of KEMs. Overall, we obtain a CCA-secure UKEM in the random oracle model whose ciphertext sizes are of the same order of magnitude as that of CRYSTALS-Kyber.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- A minor revision of an IACR publication in ASIACRYPT 2023
- Keywords
- Updatable Public Key EncryptionForward secrecyPublic Key Encryption
- Contact author(s)
-
calvin abou-haidar @ ens-lyon fr
alain passelegue @ cryptolab co kr
damien stehle @ cryptolab co kr - History
- 2023-10-02: revised
- 2023-09-18: received
- See all versions
- Short URL
- https://ia.cr/2023/1400
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1400, author = {Calvin Abou Haidar and Alain Passelègue and Damien Stehlé}, title = {Efficient Updatable Public-Key Encryption from Lattices}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1400}, year = {2023}, url = {https://eprint.iacr.org/2023/1400} }