Paper 2024/794

Detecting Rogue Decryption in (Threshold) Encryption via Self-Incriminating Proofs

James Hsin-yu Chiang, Aarhus University
Bernardo David, IT University of Copenhagen
Tore Kasper Frederiksen, Zama
Arup Mondal, Ashoka University
Esra Yeniaras, IT University of Copenhagen
Abstract

Keeping decrypting parties accountable in public key encryption is notoriously hard since the secret key owner can decrypt any arbitrary ciphertext. Threshold encryption aims to solve this issue by distributing the power to decrypt among a set of parties, who must interact via a decryption protocol. However, such parties can employ cryptographic tools such as Multiparty Computation (MPC) to decrypt arbitrary ciphertexts without being detected. We introduce the notion of (threshold) encryption with Self-Incriminating Proofs, where parties must produce a self-incriminating proof of decryption when decrypting every ciphertext. In the standard public key encryption case, the adversary could destroy these proofs, so we strengthen our notion to guarantee that the proofs are published when decryption succeeds. This creates a decryption audit trail, which is useful in scenarios where decryption power is held by a single trusted party (e.g., a Trusted Execution Environment) who must be kept accountable. In the threshold case, we ensure that at least one of the parties who execute the decryption protocol will learn a self-incriminating proof, even if they employ advanced tools such as MPC. The fact that a party learns the proof and may leak it at any moment functions as a deterrent for parties who do not wish to be identified as malicious decryptors (e.g., a commercial operator of a service based on threshold encryption). We investigate the (im)possibility and applications of our notions while providing matching constructions under appropriate assumptions. In the threshold case, we build on recent results on Individual Cryptography (CRYPTO 2023).

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Contact author(s)
jachiang @ cs au dk
bernardo @ bmdavid com
tore frederiksen @ zama ai
arup mondal_phd19 @ ashoka edu in
esye @ itu dk
History
2024-05-24: revised
2024-05-22: received
Short URL
https://ia.cr/2024/794
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/794,
      author = {James Hsin-yu Chiang and Bernardo David and Tore Kasper Frederiksen and Arup Mondal and Esra Yeniaras},
      title = {Detecting Rogue Decryption in (Threshold) Encryption via Self-Incriminating Proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2024/794},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/794}},
      url = {https://eprint.iacr.org/2024/794}
}