International Association for Cryptologic Research


IACR News item: 18 August 2012

Manuel Barbosa, Pooya Farshim
ePrint Report
Functional encryption (FE) is a powerful cryptographic primitive that generalizes many asymmetric encryption systems proposed in recent years. Syntax and security definitions for general FE were recently proposed by Boneh, Sahai, and Waters (BSW) (TCC 2011) and independently by O'Neill (ePrint 2010/556). In this paper we revisit these definitions, identify a number of shortcomings in them, and propose a new definitional approach that overcomes these limitations. Our definitions display good compositionality properties and allow us to obtain new feasibility and impossibility results for adaptive token extraction attack scenarios that shed further light on the potential reach of general FE for practical applications. The main contributions of the paper are the following:

- We show that the BSW definition of semantic security fails to reject intuitively insecure FE schemes where a ciphertext leaks more about an encrypted message than that which can be recovered from an image under the supported functionality. Our definition (as O'Neill's) does not suffer from this problem.

- We introduce an orthogonal notion of setup security that rejects all FE schemes where the master secret key may give unwanted power to the TA, allowing the recovery of extra information from images under the supported functionality. We prove FE schemes supporting all-or-nothing functionalities are intrinsically setup-secure and further show that many well-known functionalities are all-or-nothing.

- We extend the equivalence result of O'Neill between indistinguishability and semantic security to restricted adaptive token extraction attacks (the standard notion of security for, e.g., IBEs and ABEs). We establish that this equivalence holds for the large class of all-or-nothing functionalities. Conversely, we show that the proof technique used to establish this equivalence cannot be applied to schemes supporting a one-way function.

- We show that the notable inner-product functionality introduced by Katz, Sahai, and Waters (EUROCRYPT 2008) can be used to encode a one-way function under the small integer solution problem, and hence natural approaches to prove its (restricted) adaptive security fail. This complements the equivalence result of O'Neill for the non-adaptive case, and leaves open the question of proving the semantic security of existing inner-product encryption schemes.
