39 research outputs found
Cryptanalysis and Improvement of an Efficient CCA Secure PKE Scheme
Recently in Chinese Journal of Computers, Kang et al. [12]
proposed an efficient CCA secure public key encryption (PKE) scheme,
and claimed that it is more efficient in the public/private keys than the
famous CS98 and BMW05 CCA secure public key encryption scheme.
However, in this paper we will show that their proposal is not secure at
all. Furthermore, we improve their scheme to be a secure one and prove its security
Chosen-Ciphertext Secure Fuzzy Identity-Based Key Encapsulation without ROM
We use hybrid encryption with Fuzzy Identity-Based Encryption (Fuzzy-IBE) schemes, and present the first and efficient fuzzy identity-based key encapsulation mechanism (Fuzzy-IB-KEM) schemes which are chosen-ciphertext secure (CCA) without random oracle in the selective-ID model. To achieve these goals, we consider Fuzzy-IBE schemes as consisting of separate key and data encapsulation mechanisms (KEM-DEM), and then give the definition of Fuzzy-IB-KEM. Our main idea is to enhance Sahai and Waters' large universe construction (Sahai and Waters, 2005), chosen-plaintext secure (CPA) Fuzzy-IBE, by adding some redundant information to the ciphertext to make it CCA-secure.
Efficient CCA-Secure PKE from Identity-Based Techniques
Office of Research, Singapore Management University
Fault attacks on pairing-based protocols revisited
Several papers have studied fault attacks on computing a pairing value e(P,Q), where P is a public point and Q is a secret point. In this paper, we observe that these attacks are in fact effective only on a small number of pairing-based protocols, and that too only when the protocols are implemented with specific symmetric pairings. We demonstrate the effectiveness of the fault attacks on a public-key encryption scheme, an identity-based encryption scheme, and an oblivious transfer protocol when implemented with a symmetric pairing derived from a supersingular elliptic curve with embedding degree 2
A Brief History of Provably-Secure Public-Key Encryption
Public-key encryption schemes are a useful and interesting field of cryptographic study. The ultimate goal for the cryptographer in the field of public-key encryption would be the production of a very efficient encryption scheme with a proof of security in a strong security model using a weak and reasonable computational assumption. This ultimate goal has yet to be reached. In this invited paper, we survey the major results that have been achieved in the quest to find such a scheme
Towards Black-Box Accountable Authority IBE with Short Ciphertexts and Private Keys
At Crypto'07, Goyal introduced the concept of Accountable Authority
Identity-Based Encryption as a convenient tool to reduce the amount of trust in
authorities in Identity-Based Encryption. In this model, if the Private Key
Generator (PKG) maliciously re-distributes users' decryption keys, it runs the
risk of being caught and prosecuted. Goyal proposed two constructions: the
first one is efficient but can only trace well-formed decryption keys to their
source; the second one allows tracing obfuscated decryption boxes in a model
(called weak black-box model) where cheating authorities have no decryption
oracle. The latter scheme is unfortunately far less efficient in terms of
decryption cost and ciphertext size. In this work, we propose a new
construction that combines the efficiency of Goyal's first proposal with a very
simple weak black-box tracing mechanism. Our scheme is described in the
selective-ID model but readily extends to meet all security properties in the
adaptive-ID sense, which is not known to be true for prior black-box schemes. Comment: 32 pages
Subtleties in the Definition of IND-CCA: When and How Should Challenge-Decryption be Disallowed?
The definition of IND-CCA disallows an adversary from querying the
challenge ciphertext to its decryption oracle. We point out that there are several ways to formalize this. We show that, surprisingly, for
public-key encryption the resulting notions are not all equivalent.
We then consider the same question for key-encapsulation mechanisms
(KEMs) and show that in this case the four notions ARE all
equivalent. Our discoveries are another manifestation of the
subtleties that make the study of cryptography so attractive and are
important towards achieving the definitional clarity and unity
required for firm foundations
Chameleon all-but-one TDFs and their application to chosen-ciphertext security
A*Star SERC. Lecture Notes in Computer Science, 2011, Volume 6571/2011, 228-245