International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Public-Key Encryption Resistant to Parameter Subversion and Its Realization from Efficiently-Embeddable Groups

Authors:
Benedikt Auerbach
Mihir Bellare
Eike Kiltz
Download:
DOI: 10.1007/978-3-319-76578-5_12
Search ePrint
Search Google
Conference: PKC 2018
Abstract: We initiate the study of public-key encryption (PKE) schemes and key-encapsulation mechanisms (KEMs) that retain security even when public parameters (primes, curves) they use may be untrusted and subverted. We define a strong security goal that we call ciphertext pseudo-randomness under parameter subversion attack (CPR-PSA). We also define indistinguishability (of ciphertexts for PKE, and of encapsulated keys from random ones for KEMs) and public-key hiding (also called anonymity) under parameter subversion attack, and show they are implied by CPR-PSA, for both PKE and KEMs. We show that hybrid encryption continues to work in the parameter subversion setting to reduce the design of CPR-PSA PKE to CPR-PSA KEMs and an appropriate form of symmetric encryption. To obtain efficient, elliptic-curve-based KEMs achieving CPR-PSA, we introduce efficiently-embeddable group families and give several constructions from elliptic-curves.
BibTeX
@inproceedings{pkc-2018-28870,
  title={Public-Key Encryption Resistant to Parameter Subversion and Its Realization from Efficiently-Embeddable Groups},
  booktitle={Public-Key Cryptography – PKC 2018},
  series={Public-Key Cryptography – PKC 2018},
  publisher={Springer},
  volume={10769},
  pages={348-377},
  doi={10.1007/978-3-319-76578-5_12},
  author={Benedikt Auerbach and Mihir Bellare and Eike Kiltz},
  year=2018
}