Semantic Security and Indistinguishability in the Quantum World
At CRYPTO 2013, Boneh and Zhandry initiated the study of quantum-secure
encryption. They proposed the first indistinguishability definitions for the
quantum world, where the actual indistinguishability only holds for classical
messages, and they provided arguments why it might be hard to achieve a stronger
notion. In this work, we show that stronger notions are achievable, where the
indistinguishability holds for quantum superpositions of messages. We
investigate exhaustively the possibilities and subtle differences in defining
such a quantum indistinguishability notion for symmetric-key encryption
schemes. We justify our stronger definition by showing its equivalence to novel
quantum semantic-security notions that we introduce. Furthermore, we show that
our new security definitions cannot be achieved by a large class of ciphers --
those which are quasi-preserving the message length. On the other hand, we
provide a secure construction based on quantum-resistant pseudorandom
permutations; this construction can be used as a generic transformation for
turning a large class of encryption schemes into quantum indistinguishable and
hence quantum semantically secure ones. Moreover, our construction is the first
completely classical encryption scheme shown to be secure against an even
stronger notion of indistinguishability, which was previously known to be
achievable only by using quantum messages and arbitrary quantum encryption
circuits.
Comment: 37 pages, 2 figures
A Trusted Third-party (TTP) based Encryption Scheme for Ensuring Data Confidentiality in Cloud Environment
Cloud computing is an emerging paradigm that affects a large part of the IT industry by offering dynamically scalable resources (e.g., hardware and software) that are provisioned as a service over the Internet. Cloud computing provides numerous advantages to organizations in terms of improved scalability, lower cost, and flexibility, to name a few. Despite these technical and economical advantages, many potential cloud consumers are still hesitant to adopt cloud computing due to security and privacy concerns. In particular, one of the main factors for the reluctance of organizations to adopt cloud computing is the lack of a strong encryption scheme that can ensure the confidentiality of clients' data while stored in cloud service providers' (CSPs') data centers. With the existing encryption schemes adopted by the CSPs, there is always a possibility that the client's data can be compromised due to insider threats. In this paper, we propose a new scheme capable of securing client information from both insider and outsider threats. In particular, we develop an encryption scheme by combining both symmetric and asymmetric cryptographic algorithms, which provides strong data confidentiality while preserving secret-key encryption functionalities, including periodically renewable public-key certificates issued through trusted third parties. Due to these functionalities, the data owner can utilize the best secret-key encryption schemes while the trusted third party holds and communicates the secret keys to CSPs on behalf of cloud service users (CSUs).
Key Dependent Message Security and Receiver Selective Opening Security for Identity-Based Encryption
We construct two identity-based encryption (IBE) schemes. The first one is IBE satisfying key dependent message (KDM) security for user secret keys. The second one is IBE satisfying simulation-based receiver selective opening (RSO) security. Both schemes are secure against adaptive-ID attacks and do not have any a-priori bound on the number of challenge identities queried by adversaries in the security games. They are the first constructions of IBE satisfying such levels of security.
Our constructions of IBE are very simple. We construct our KDM secure IBE by transforming KDM secure secret-key encryption using IBE satisfying only ordinary indistinguishability against adaptive-ID attacks (IND-ID-CPA security). Our simulation-based RSO secure IBE is based only on IND-ID-CPA secure IBE.
We also demonstrate that our construction technique for KDM secure IBE can be used to construct KDM secure public-key encryption. More precisely, we show how to construct KDM secure public-key encryption from KDM secure secret-key encryption and public-key encryption satisfying only ordinary indistinguishability against chosen plaintext attacks.
DoubleMod and SingleMod: Simple Randomized Secret-Key Encryption with Bounded Homomorphicity
An encryption relation $f \subseteq \mathbb{Z} \times \mathbb{Z}$ with decryption function $f^{-1}$ is "group-homomorphic"
if, for any suitable plaintexts $x_1$ and $x_2$, $x_1 + x_2 = f^{-1}(f(x_1) + f(x_2))$. It is "ring-homomorphic"
if furthermore $x_1 x_2 = f^{-1}(f(x_1) f(x_2))$; it is "field-homomorphic" if furthermore $1/x_1 = f^{-1}(f(1/x_1))$.
Such relations would support oblivious processing of encrypted data.
We propose a simple randomized encryption relation $f$ over the integers, called
DoubleMod, which is "bounded ring-homomorphic" or what some call "somewhat homomorphic."
Here, "bounded" means that the number of additions and multiplications that can
be performed, while not allowing the encrypted values to go out of range, is limited (any
pre-specified bound on the operation count can be accommodated). Let $R$ be any large integer.
For any plaintext $x \in \mathbb{Z}_R$, DoubleMod encrypts $x$ as $f(x) = x + au + bv$, where $a$
and $b$ are randomly chosen integers in some appropriate interval, while $(u, v)$ is the secret
key. Here $u > R^2$ is a large prime and the smallest prime factor of $v$ exceeds $u$. With
knowledge of the key, but not of $a$ and $b$, the receiver decrypts the ciphertext by computing
$f^{-1}(y) = (y \bmod v) \bmod u$.
DoubleMod generalizes an independent idea of van Dijk et al. 2010. We present and
refine a new CCA1 chosen-ciphertext attack that finds the secret key of both systems (ours
and van Dijk et al.’s) in linear time in the bit length of the security parameter. Under a
known-plaintext attack, breaking DoubleMod is at most as hard as solving the Approximate
GCD (AGCD) problem. The complexity of AGCD is not known.
We also introduce the SingleMod field-homomorphic cryptosystems. The simplest
SingleMod system, based on the integers, can be broken trivially. We had hoped that if
SingleMod is implemented inside non-Euclidean quadratic or higher-order fields with large
discriminants, where GCD computations appear difficult, it might be feasible to achieve a
desired level of security. We show, however, that a variation of our chosen-ciphertext attack
works against SingleMod even in non-Euclidean fields.
Obfuscation for Cryptographic Purposes
An obfuscation of a function F should satisfy two requirements: firstly, using it, it should be possible to evaluate F; secondly, it should not reveal anything about F that cannot be learnt from oracle access to F. Several definitions for obfuscation exist. However, most of them are either too weak for or incompatible with cryptographic applications, or have been shown impossible to achieve, or both.
We give a new definition of obfuscation and argue for its reasonability and usefulness. In particular, we show that it is strong enough for cryptographic applications, yet we show that it has the potential for interesting positive results. We illustrat
- …