Paper 2023/976
Updatable Public Key Encryption with Strong CCA Security: Security Analysis and Efficient Generic Construction
Abstract
With applications in secure messaging, Updatable Public Key Encryption (UPKE) was proposed by Jost et al. (EUROCRYPT '19) and Alwen et al. (CRYPTO '20). It is a natural relaxation of forward-secure public-key encryption. In UPKE, we can update secret keys by using update ciphertexts which any sender can generate. The UPKE schemes proposed so far that satisfy the strong CCA security are Haidar et al.'s concrete construction (CCS '22) and Dodis et al's generic construction that use Non-Interactive Zero-Knowledge (NIZK) arguments. Yet, even despite the aid of random oracles, their concrete efficiency is quite far from the most efficient CPA-secure scheme. In this paper, we first demonstrate a simple and efficient attack against Dodis et al.'s strongly CCA-secure scheme, and show how to fix it. Then, based on the observation from the attack and fix, we propose a new strongly CCA-secure generic construction for a UPKE scheme with random oracles and show that its instantiation is almost as concretely efficient as the most efficient CPA-secure one.
Note: Added another approach to fix the existing scheme, mentioned public verifiability of CU-secure UPKE, and corrected typos.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Updatable Public Key EncryptionFujisaki-Okamoto transformCCA securityGeneric construction
- Contact author(s)
-
k asano @ uec ac jp
watanabe @ uec ac jp - History
- 2024-03-21: revised
- 2023-06-22: received
- See all versions
- Short URL
- https://ia.cr/2023/976
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/976,
author = {Kyoichi Asano and Yohei Watanabe},
title = {Updatable Public Key Encryption with Strong {CCA} Security: Security Analysis and Efficient Generic Construction},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/976},
year = {2023},
url = {https://eprint.iacr.org/2023/976}
}
