IACR News item: 29 November 2012
Pooya Farshim, Benoît Libert, Kenneth G. Paterson, Elizabeth A. Quaglia
ePrint Report
We revisit the notions of robustness introduced by Abdalla, Bellare, and Neven (TCC 2010). One of the main motivations for the introduction of strong robustness for public-key encryption (PKE) by Abdalla et al. to prevent certain types of attack on Sako\'s auction protocol. We show, perhaps surprisingly, that Sako\'s protocol is still vulnerable to attacks exploiting robustness problems in the underlying PKE scheme, even when it is instantiated with a \\emph{strongly} robust scheme. This demonstrates that current notions of robustness are insufficient even for one of its most natural applications. To address this and other limitations in existing notions, we introduce a series of new robustness notions for PKE and explore their relationships. In particular, we introduce \\emph{complete} robustness, our strongest new notion of robustness, and give a number of constructions for completely robust PKE schemes.
Additional news items may be found on the IACR news page.