Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts
CCA security is desirable when designing encryption schemes because it captures active attackers. One efficient approach for achieving CCA security is to use generic conversions. We first design a CPA secure scheme, and then transform it into a CCA secure scheme using the Fujisaki-Okamoto technique...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2022
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7727 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8730 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-87302023-01-10T02:00:04Z Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts LAI, J GUO, F SUSILO, W JIANG, P YANG, Guomin HUANG, X. CCA security is desirable when designing encryption schemes because it captures active attackers. One efficient approach for achieving CCA security is to use generic conversions. We first design a CPA secure scheme, and then transform it into a CCA secure scheme using the Fujisaki-Okamoto technique (CRYPTO ’99) in the random oracle model or the Canetti-Halevi-Katz technique (EUROCRYPT ’04) in the standard model if the CPA secure scheme satisfies some conditions. These transformations are generic so they can be applied to encryption primitives such as IBE and ABE. Nevertheless, both techniques result in an inevitable ciphertext expansion. Subsequent generic constructions mainly follow the idea surrounding these two techniques. The ciphertext expansion becomes a tradeoff in the existing conversions where it raises an inherently interesting question: do we have to sacrifice the size of the ciphertext during security transformation for all encryption primitives? In this work we will explore, for the first time, new generic conversions from CPA to CCA security without ciphertext expansion. By utilizing the properties of encryption in a novel way we will show that these generic conversions exist in the encryption primitive; they are called constant-size threshold ABE that satisfy verifiability or delegatability. Given a CPA secure threshold ABE that fulfills this requirement, we can convert it into a CCA secure threshold ABE without increasing the size of the ciphertext, albeit our conversions are restricted to the random oracle model. Our conversions are also applicable for transforming selective CPA to selective CCA security. We also show two instantiations of our conversions and obtain the shortest ciphertexts among all threshold ABE schemes with (selective) CCA security in the literature, even for other expressive access structures in the ABE setting. The ciphertext of the converted CCA secure scheme consists of three group elements only: two elements in group G1 2022-10-01T07:00:00Z text https://ink.library.smu.edu.sg/sis_research/7727 info:doi/10.1016/j.ins.2022.08.069 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Theory and Algorithms |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Theory and Algorithms |
| spellingShingle |
Theory and Algorithms LAI, J GUO, F SUSILO, W JIANG, P YANG, Guomin HUANG, X. Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| description |
CCA security is desirable when designing encryption schemes because it captures active attackers. One efficient approach for achieving CCA security is to use generic conversions. We first design a CPA secure scheme, and then transform it into a CCA secure scheme using the Fujisaki-Okamoto technique (CRYPTO ’99) in the random oracle model or the Canetti-Halevi-Katz technique (EUROCRYPT ’04) in the standard model if the CPA secure scheme satisfies some conditions. These transformations are generic so they can be applied to encryption primitives such as IBE and ABE. Nevertheless, both techniques result in an inevitable ciphertext expansion. Subsequent generic constructions mainly follow the idea surrounding these two techniques. The ciphertext expansion becomes a tradeoff in the existing conversions where it raises an inherently interesting question: do we have to sacrifice the size of the ciphertext during security transformation for all encryption primitives? In this work we will explore, for the first time, new generic conversions from CPA to CCA security without ciphertext expansion. By utilizing the properties of encryption in a novel way we will show that these generic conversions exist in the encryption primitive; they are called constant-size threshold ABE that satisfy verifiability or delegatability. Given a CPA secure threshold ABE that fulfills this requirement, we can convert it into a CCA secure threshold ABE without increasing the size of the ciphertext, albeit our conversions are restricted to the random oracle model. Our conversions are also applicable for transforming selective CPA to selective CCA security. We also show two instantiations of our conversions and obtain the shortest ciphertexts among all threshold ABE schemes with (selective) CCA security in the literature, even for other expressive access structures in the ABE setting. The ciphertext of the converted CCA secure scheme consists of three group elements only: two elements in group G1 |
| format |
text |
| author |
LAI, J GUO, F SUSILO, W JIANG, P YANG, Guomin HUANG, X. |
| author_facet |
LAI, J GUO, F SUSILO, W JIANG, P YANG, Guomin HUANG, X. |
| author_sort |
LAI, J |
| title |
Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| title_short |
Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| title_full |
Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| title_fullStr |
Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| title_full_unstemmed |
Generic conversions from CPA to CCA without ciphertext expansion for threshold ABE with constant-size ciphertexts |
| title_sort |
generic conversions from cpa to cca without ciphertext expansion for threshold abe with constant-size ciphertexts |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2022 |
| url |
https://ink.library.smu.edu.sg/sis_research/7727 |
| _version_ |
1770576422311559168 |