Reference : Robust Encryption, Extended
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/43335
Robust Encryption, Extended
English
Geraud, Remi mailto [ENS, Paris, France > Département d'Informatique]
Naccache, David mailto [ENS, Paris, France > Département d'Informatique > > Professor]
Rosie, Razvan mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
1-Mar-2019
The Cryptographers' Track at the RSA Conference 2019, San Francisco, CA, USA, March 4–8, 2019, Proceedings
Matsui, Mitsuru
Springer
25
Yes
International
978-3-030-12612-4
CT-RSA
March 4–8, 2019
San Francisco
USA
[en] robustness ; functional encryption ; signature schemes
[en] Robustness is a notion often tacitly assumed while working with encrypted data. Roughly speaking, it states that a ciphertext cannot be decrypted under different keys. Initially formalized in a public-key context, it has been further extended to key-encapsulation mechanisms, and more recently to pseudorandom functions, message authentication codes and authenticated encryption. In this work, we motivate the importance of establishing similar guarantees for functional encryption schemes, even under adversarially generated keys. Our main security notion is intended to capture the scenario where a ciphertext obtained under a master key (corresponding to Authority 1) is decrypted by functional keys issued under a different master key (Authority 2). Furthermore, we show there exist simple functional encryption schemes where robustness under adversarial key-generation is not achieved. As a secondary and independent result, we formalize robustness for digital signatures – a signature should not verify under multiple keys – and point out that certain signature schemes are not robust when the keys are adversarially generated. We present simple, generic transforms that turn a scheme into a robust one, while maintaining the original scheme’s security. For the case of public-key functional encryption, we look into ciphertext anonymity and provide a transform achieving it.
http://hdl.handle.net/10993/43335
10.1007/978-3-030-12612-4_8
H2020 ; 643161 - ECRYPT-NET - European Integrated Research Training Network on Advanced Cryptographic Technologies for the Internet of Things and the Cloud

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
2019-238.pdfAuthor postprint489 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.