Abstract
For an encryption scheme to be usable in practice, it should withstand various leakage attacks. In this paper, we present a new leakage-resilient public key encryption scheme whose security rests on the classical DDH (decisional Diffie-Hellman) assumption. In computational cost, the proposed scheme is more efficient than the original Cramer-Shoup leakage-resilient public key encryption scheme. At the same time, the new scheme also enjoys shorter public and secret keys and a higher relative key-leakage ratio. We formally prove that the new proposal is semantically secure against adaptive a posteriori chosen-ciphertext key-leakage attacks under the hardness of the DDH problem, without random oracles.
Acknowledgements
This research is supported by the National Natural Science Foundation of China (No. 61170298), the Natural Science Fund for Colleges and Universities in Jiangsu Province (No. 11KJB520006) and the Young Teacher Fund of NJUT (No. 3970423). We also thank the anonymous reviewers for their helpful comments.
Li, S., Zhang, F., Sun, Y. et al. Efficient leakage-resilient public key encryption from DDH assumption. Cluster Comput 16, 797–806 (2013). https://doi.org/10.1007/s10586-013-0253-z