Receiver-anonymity in rerandomizable RCCA-secure cryptosystems resolved

Receiver-anonymity in rerandomizable RCCA-secure cryptosystems resolved

In this work we resolve the open problem raised by Prabhakaran and Rosulek at CRYPTO 2007, and present the first anonymous, rerandomizable, Replayable-CCA (RCCA) secure public-key encryption scheme. This solution opens the door to numerous privacy-oriented applications with a highly desired RCCA sec...

Full description

Saved in:
Bibliographic Details
Main Authors: WANG, Yi, CHEN, Rongmao, YANG, Guomin, HUANG, Xinyi, WANG, Baosheng, YUNG, Moti
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2021
Subjects:
RCCA security
Receiver-anonymity
Smooth projective hash function
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/7411
https://ink.library.smu.edu.sg/context/sis_research/article/8414/viewcontent/Receiver_Anonymity_in_Rerandomizable_RCCA_Secure_Cryptosystems_Resolved.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:In this work we resolve the open problem raised by Prabhakaran and Rosulek at CRYPTO 2007, and present the first anonymous, rerandomizable, Replayable-CCA (RCCA) secure public-key encryption scheme. This solution opens the door to numerous privacy-oriented applications with a highly desired RCCA security level. At the core of our construction is a non-trivial extension of smooth projective hash functions (Cramer and Shoup, EUROCRYPT 2002), and a modular generic framework developed for constructing rerandomizable RCCA-secure encryption schemes with receiver-anonymity. The framework gives an enhanced abstraction of the original Prabhakaran and Rosulek’s scheme (which was the first construction of rerandomizable RCCA-secure encryption in the standard model), where the most crucial enhancement is the first realization of the desirable property of receiver-anonymity, essential to privacy settings. It also serves as a conceptually more intuitive and generic understanding of RCCA security, which leads, for example, to new implementations of the notion. Finally, note that (since CCA security is not applicable to the privacy applications motivating our work) the concrete results and the conceptual advancement presented here, seem to substantially expand the power and relevance of the notion of rerandomizable RCCA-secure encryption.

Similar Items