Chosen-Ciphertext Secure Dual-Receiver Encryption in the Standard Model Based on Post-Quantum Assumptions

Laurin Benz; Wasilij Beskorovajnov; Sarai Eilebrecht; Roland Gröll; Maximilian Müller; Jörn Müller-Quade

Paper 2024/094

Chosen-Ciphertext Secure Dual-Receiver Encryption in the Standard Model Based on Post-Quantum Assumptions

Laurin Benz

, Karlsruhe Institute of Technology, KASTEL Security Research Labs

Wasilij Beskorovajnov, Research Center for Information Technology

Sarai Eilebrecht, Research Center for Information Technology

Roland Gröll, Research Center for Information Technology

Maximilian Müller, Research Center for Information Technology

Jörn Müller-Quade, Karlsruhe Institute of Technology, KASTEL Security Research Labs

Abstract

Dual-receiver encryption (DRE) is a special form of public key encryption (PKE) that allows a sender to encrypt a message for two recipients. Without further properties, the difference between DRE and PKE is only syntactical. One such important property is soundness, which requires that no ciphertext can be constructed such that the recipients decrypt to different plaintexts. Many applications rely on this property in order to realize more complex protocols or primitives. In addition, many of these applications explicitly avoid the usage of the random oracle, which poses an additional requirement on a DRE construction. We show that all of the IND-CCA2 secure standard model DRE constructions based on post-quantum assumptions fall short of augmenting the constructions with soundness and describe attacks thereon. We then give an overview over all applications of IND-CCA2 secure DRE, group them into generic (i. e., applications using DRE as black-box) and non-generic applications and demonstrate that all generic ones require either soundness or public verifiability. Conclusively, we identify the gap of sound and IND-CCA2 secure DRE constructions based on post-quantum assumptions in the standard Model. In order to fill this gap we provide two IND-CCA2 secure DRE constructions based on the standard post-quantum assumptions, Normal Form Learning With Errors (NLWE) and Learning Parity with Noise (LPN).

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Preprint.
Keywords: Dual-receiver encryption (DRE)Soundness Hybrid Encryption NLWE LPN Post-Quantum IND-CCA2 Standard Model
Contact author(s): laurin benz @ kit edu
beskorovajnov @ fzi de
eilebrecht @ fzi de
groell @ fzi de
m mueller @ fzi de
joern mueller-quade @ kit edu
History: 2024-01-22: approved; 2024-01-21: received; See all versions
Short URL: https://ia.cr/2024/094
License: CC BY

BibTeX

@misc{cryptoeprint:2024/094,
      author = {Laurin Benz and Wasilij Beskorovajnov and Sarai Eilebrecht and Roland Gröll and Maximilian Müller and Jörn Müller-Quade},
      title = {Chosen-Ciphertext Secure Dual-Receiver Encryption in the Standard Model Based on Post-Quantum Assumptions},
      howpublished = {Cryptology ePrint Archive, Paper 2024/094},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/094}},
      url = {https://eprint.iacr.org/2024/094}
}