Leakage-resilient identity-based cryptography from minimal assumptions

Designs, Codes and Cryptography

Abstract

Identity-based hash proof system (IB-HPS), a variant of hash proof system (HPS) in the identity-based setting, is a useful building block in cryptography. In EUROCRYPT 2010 (Alwen et al in Advances in cryptology-EUROCRYPT 2010, volume 6110 of LNCS, Springer, Berlin, pp. 113–134, 2010), Alwen et al. demonstrated that IB-HPS almost immediately yields an identity-based encryption (IBE) scheme that is secure against partial leakage of the target identity’s decryption key. In FOCS 2010 (Dodis et al in FOCS 2010, IEEE, pp. 511–520, 2010), Dodis et al. further pointed out that a cryptographic system with continuous leakage resilience can be obtained from a bounded leakage-resilient scheme by performing an additional key update algorithm, subject to some conditions. Therefore, to create a generic construction of IBE schemes with continuous leakage resilience, one can use an improved IB-HPS, called updatable IB-HPS (U-IB-HPS), which has a key update algorithm to embed some fresh randomness into the user’s private key. Moreover, an identity-based hash proof system with two encapsulation keys (T-IB-HPS) was also proposed, and it can be used to create encryption schemes that are secure against chosen-ciphertext attacks with high computational efficiency. However, most of the existing IB-HPS constructions suffer from some restrictions: they either do not have adaptive security or rely on some non-static security assumptions. After analyzing the existing methods used in creating IBE schemes, we found that it is difficult to design an IB-HPS with adaptive security from classic static assumptions. In this paper, generic constructions of IB-HPS, U-IB-HPS and T-IB-HPS with adaptive security are created from any standard (updatable) IBE scheme. The security of the proposed systems is proved based on the semantic security of the underlying (updatable) IBE scheme.
These new constructions of leakage-resilient cryptosystems can achieve provable security even if the attacker learns some arbitrary partial information about their internal secret key. While there are many previous works constructing such leakage-resilient cryptosystems under concrete number-theoretic and algebraic assumptions, this work presents the cryptographic primitives under general and minimal assumptions. In particular, we construct:

  • Leakage-resilient identity-based cryptosystems from any standard IBE.

  • Leakage-resilient public-key encryption scheme from any standard IBE.

References

  1. Alwen J., Dodis Y., Naor M., Segev G., Walfish S., Wichs D.: Public-key encryption in the bounded-retrieval model. In: Advances in Cryptology-EUROCRYPT 2010, volume 6110 of LNCS, pp. 113–134. Springer, Berlin (2010)

  2. Chen R., Mu Y., Yang G., Susilo W., Guo F.: Strongly leakage-resilient authenticated key exchange. In: Topics in Cryptology-CT-RSA 2016, volume 9610 of LNCS, pp. 19–36. Springer (2016)

  3. Chow Sherman S.M., Dodis Y., Rouselakis Y., Waters B.: Practical leakage-resilient identity-based encryption from simple assumptions. In: Conference on Computer and Communications Security-CCS 2010, pp. 152–161. ACM (2010)

  4. Cramer R., Shoup V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Advances in Cryptology -EUROCRYPT 2002, volume 2332 of LNCS, pp. 45–64. Springer (2002)

  5. Dodis Y., Haralambiev K., López-Alt A., Wichs D.: Cryptography against continuous memory attacks. In: FOCS 2010, pp. 511–520. IEEE (2010)

  6. Fu A., Yu S., Zhang Y., Wang H., Huang C.: NPP: a new privacy-aware public auditing scheme for cloud data sharing with group users. IEEE Trans. Big Data 8, 1–10 (2017).

  7. Gentry C.: Practical identity-based encryption without random oracles. In: Advances in Cryptology-EUROCRYPT 2006, volume 4004 of LNCS, pp. 445–464. Springer (2006)

  8. Hazay C., López-Alt A., Wee H., Wichs D.: Leakage-resilient cryptography from minimal assumptions. In: Advances in Cryptology-EUROCRYPT 2013, volume 7881 of LNCS, pp. 160–176. Springer (2013)

  9. Kuang B., Anmin F., Shui Yu., Yang G., Mang S., Zhang Y.: ESDRA: an efficient and secure distributed remote attestation scheme for IoT swarms. IEEE Internet Things J. 6(5), 8372–8383 (2019).

  10. Li J., Guo Y., Qihong Yu., Yang L., Zhang Y., Zhang F.: Continuous leakage-resilient certificate-based encryption. Inf. Sci. 355–356, 1–14 (2016).

  11. Li J., Guo Y., Qihong Yu., Yang L., Zhang Y.: Provably secure identity-based encryption resilient to post-challenge continuous auxiliary input leakage. Secur. Commun. Netw. 9(10), 1016–1024 (2016).

  12. Li J., Teng M., Zhang Y., Qihong Yu.: A leakage-resilient CCA-secure identity-based encryption scheme. Comput. J. 59(7), 1066–1075 (2016).

  13. Li J., Qihong Yu., Zhang Y.: Identity-based broadcast encryption with continuous leakage resilience. Inf. Sci. 429(3), 177–193 (2018).

  14. Li J., Qihong Yu., Zhang Y.: Hierarchical attribute based encryption with continuous leakage-resilience. Inf. Sci. 484, 113–134 (2019).

  15. Li J., Qihong Yu., Zhang Y., Shen J.: Key-policy attribute-based encryption against continual auxiliary input leakage. Inf. Sci. 470, 175–188 (2019).

  16. Liu S., Weng J., Zhao Y.: Efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks. In: CT-RSA 2013, volume 7779 of LNCS, pp. 84–100. Springer (2013)

  17. Naor M., Segev G.: Public-key cryptosystems resilient to key leakage. In: Advances in Cryptology -CRYPTO 2009, volume 5677 of LNCS, pp. 18–35. Springer (2009)

  18. Qihong Yu., Li J., Zhang Y.: Leakage-resilient certificate-based encryption. Secur. Commun. Netw. 8(18), 3346–3355 (2015).

  19. Qihong Yu., Li J., Zhang Y., Wei W., Huang X., Xiang Y.: Certificate-based encryption resilient to key leakage. J. Syst. Softw. 116, 101–112 (2016).

  20. Qin B., Liu S.: Leakage-resilient chosen-ciphertext secure public-key encryption from hash proof system and one-time lossy filter. In: Advances in Cryptology-ASIACRYPT 2013, volume 8270 of LNCS, pp. 381–400. Springer (2013)

  21. Qin B., Liu S.: Leakage-flexible CCA-secure public-key encryption: simple construction and free of pairing. In: Public-Key Cryptography-PKC 2014, volume 8383 of LNCS, pp. 19–36. Springer (2014)

  22. Ruan O., Zhang Y., Zhang M., Zhou J., Harn L.: After-the-fact leakage-resilient identity-based authenticated key exchange. IEEE Syst. J. 12(2), 2017–2026 (2018).

  23. Waters B.: Efficient identity-based encryption without random oracles. In: Advances in Cryptology- EUROCRYPT 2005, volume 3494 of LNCS, pp. 114–127. Springer (2005)

  24. Waters B.: Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Advances in Cryptology-CRYPTO 2009, volume 5677 of LNCS, pp. 619–636. Springer (2009)

  25. Yang R., Xu Q., Zhou Y., Zhang R., Hu C., Yu Z.: Updatable hash proof system and its applications. In: European Symposium on Research in Computer Security-ESORICS 2015, volume 9326 of LNCS, pp. 266–285. Springer (2015)

  26. Yuen T.H., Chow Sherman S.M., Zhang Y., Yiu S.-M.: Identity-based encryption resilient to continual auxiliary leakage. In: Advances in Cryptology -EUROCRYPT 2012, volume 7237 of LNCS, pp. 117–134. Springer (2012)

  27. Zhang M., Shi W., Wang C., Chen Z., Mu Y.: Leakage-resilient attribute-based encryption with fast decryption: models, analysis and constructions. In: Information Security Practice and Experience—9th International Conference, ISPEC 2013, Lanzhou, China, May 12–14, 2013, pp. 75–90. (2013)

  28. Zhang L., Zhang J., Yi M.: Novel leakage-resilient attribute-based encryption from hash proof system. Comput. J. 60(4), 541–554 (2017).

  29. Zhang J., Chen J., Gong J., Ge A., Ma C.: Leakage-resilient attribute based encryption in prime-order groups via predicate encodings. Des. Codes Cryptogr. 86(6), 1339–1366 (2018).

  30. Zhou Y., Yang B.: Continuous leakage-resilient certificateless public key encryption with CCA security. Knowl. Based Syst. 136, 27–36 (2017).

  31. Zhou Y., Yang B.: Continuous leakage-resilient public-key encryption scheme with CCA security. Comput. J. 60(8), 1161–1172 (2017).

  32. Zhou Y., Yang B.: Leakage-resilient CCA2-secure certificateless public-key encryption scheme without bilinear pairing. Inf. Process. Lett. 130, 16–24 (2018).

  33. Zhou Y., Yang B., Zhang W.: Provably secure and efficient leakage-resilient certificateless signcryption scheme without bilinear pairing. Discret. Appl. Math. 204, 185–202 (2016).

  34. Zhou Y., Yang B., Zhang W., Yi M.: CCA2 secure public-key encryption scheme tolerating continual leakage attacks. Secur. Commun. Netw. 9(17), 4505–4519 (2016).

  35. Zhou Y., Yang B., Cheng H., Wang Q.: A leakage-resilient certificateless public key encryption scheme with CCA2 security. Front. Inf. Technol. Electr. Eng. 19(4), 481–493 (2018).

  36. Zhou Y., Yang B., Yi M., Xia Z.: Continuous leakage-resilient access control for wireless sensor networks. Ad Hoc Netw. 80, 41–53 (2018).

  37. Zhou Y., Yang B., Yi M.: Continuous leakage-resilient identity-based encryption without random oracles. Comput. J. 61(4), 586–600 (2018).

  38. Zhou Y., Yang B., Yi M.: The generic construction of continuous leakage-resilient identity-based cryptosystems. Theoret. Comput. Sci. 772, 1–45 (2019).

  39. Zhou Y., Yang B., Xia Z., Yi M., Wang T.: Anonymous and updatable identity-based hash proof system. IEEE Syst. J. 13(3), 2818–2829 (2019).

  40. Zhou Y., Yang B., Xia Z., Zhang M., Yi M.: Novel generic construction of leakage-resilient PKE scheme with CCA security. Des. Codes Cryptogr. 89(7), 1575–1614 (2021).

Acknowledgements

This work is supported by the National Natural Science Foundation of China (Grant Nos. 62272287, U2001205), the Research Funds of Guangxi Key Laboratory of Cryptography and Information Security (Grant No. GCIS202108), the Research Funds of Henan Key Laboratory of Network Cryptography Technology (Grant No. LNCT2021-A04), and the Fundamental Research Funds for the Central Universities (Grant No. GK202301009).

Author information

Corresponding authors

Correspondence to Bo Yang or Zirui Qiao.

Additional information

Communicated by R. Steinfeld.

Appendices

Appendix A: Identity-based hash proof system

The definition and the security properties of IB-HPS are described in [1], and the corresponding definition and security model of U-IB-HPS are introduced in [38, 39]. However, for ease of reading, we review this basic knowledge in this section.

Appendix A.1: Definition of IB-HPS

An IB-HPS consists of five probabilistic polynomial time algorithms: \(\textsf{Setup}\), \(\textsf{KeyGen}\), \(\textsf{Encap}\), \(\mathsf {Encap^*}\) and \(\textsf{Decap}\). These algorithms have the following syntax.

figure o

Appendix A.2: Security properties of IB-HPS

An IB-HPS satisfies the following security properties: correctness, valid/invalid ciphertext indistinguishability, universality and smoothness [1].

Correctness. In IB-HPS, for any identity \(id \in \mathcal{I}\mathcal{D}\), we have

$$\begin{aligned} \Pr \begin{bmatrix} k \ne k'\Bigg |\begin{matrix} sk_{id}\leftarrow \textsf{KeyGen}(id,msk),\\ (C, k) \leftarrow \textsf{Encap}(id),\\ k' \leftarrow \textsf{Decap}(C, sk_{id}). \end{matrix} \end{bmatrix} \le \textsf{negl}(\kappa ), \end{aligned}$$

where \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\).

Valid/invalid ciphertext indistinguishability

The valid ciphertexts generated by the valid encapsulation algorithm \(\textsf{Encap}\) and the invalid ciphertexts generated by the invalid encapsulation algorithm \(\mathsf {Encap^*}\) should be indistinguishable even given the private key of any identity. This property is captured in the following distinguishability game performed by a challenger \({\mathcal {C}}\) and an adversary \({\mathcal {A}}\) under a security parameter \(\kappa \).

figure p

The advantage of \({\mathcal {A}}\) in distinguishing valid/invalid encapsulation ciphertexts is defined as

$$\begin{aligned} \textsf{Adv}_{\text{ IB-HPS },{\mathcal {A}}}^{\mathrm {VI\text {-}IND}}(\kappa )=\left| \Pr [{\mathcal {A}}~\text{ wins}]-\frac{1}{2}\right| , \end{aligned}$$

where the probability is over all random bits used by the challenger and the adversary. For any probabilistic polynomial time adversary \({\mathcal {A}}\), we require that \(\textsf{Adv}_{\text{ IB-HPS },{\mathcal {A}}}^{\mathrm {VI\text {-}IND}}(\kappa )\le \textsf{negl}(\kappa )\).

We have to stress that, in this game, the adversary can obtain the complete private key of any identity including the challenge identity.

Universality

For any \((mpk,msk) \leftarrow \textsf{Setup}(1^\kappa )\) and \(id \in \mathcal{I}\mathcal{D}\), if the following properties hold, then we say that an IB-HPS is \(\delta \)-universal.

figure q

The universality of an IB-HPS ensures that any two distinct private keys will decapsulate an invalid ciphertext to different values.

Smoothness

For any \(sk_{id}\leftarrow \textsf{KeyGen}(id,msk)\), we say that an IB-HPS is smooth if we have

$$\begin{aligned} \textsf{SD}((C,k),(C,{\hat{k}}))\le \textsf{negl}(\kappa ), \end{aligned}$$

where \(C \leftarrow \mathsf {Encap^*}(id)\), \(k =\textsf{Decap}(C, sk_{id})\) and \({\hat{k}}\leftarrow _R {\mathcal {K}}\).

Appendix B: Updatable identity-based hash proof system

In this section, we define the notion and the security of U-IB-HPS, which is a very useful variant of IB-HPS.

Appendix B.1: Definition of U-IB-HPS

A U-IB-HPS consists of six probabilistic polynomial time algorithms: \(\textsf{Setup}\), \(\textsf{KeyGen}\), \(\textsf{Encap}\), \(\mathsf {Encap^*}\), \(\textsf{Decap}\) and \(\textsf{Update}\). These algorithms have the following syntax.

figure r

Appendix B.2: Security properties of U-IB-HPS

We require that a U-IB-HPS satisfies the following security properties.

Correctness. For any identity \(id \in \mathcal{I}\mathcal{D}\), we have

$$\begin{aligned} \Pr \begin{bmatrix} k \ne k'\Big |(C, k) \leftarrow \textsf{Encap}(id), k' \leftarrow \textsf{Decap}(C, sk_{id}) \end{bmatrix}\le & {} \textsf{negl}(\kappa ), \\ \Pr \begin{bmatrix} k \ne {\hat{k}}\Big |\begin{matrix} sk_{id}'\leftarrow \textsf{Update}(sk_{id}),\\ (C, k) \leftarrow \textsf{Encap}(id), {\hat{k}} \leftarrow \textsf{Decap}(C, sk_{id}'). \end{matrix} \end{bmatrix}\le & {} \textsf{negl}(\kappa ), \end{aligned}$$

where \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\) and \(sk_{id}\leftarrow \textsf{KeyGen}(id,msk)\).

Valid/invalid ciphertext indistinguishability. The valid ciphertexts generated by the valid encapsulation algorithm \(\textsf{Encap}\) and the invalid ciphertexts generated by the invalid encapsulation algorithm \(\mathsf {Encap^*}\) should be indistinguishable even given the private key of any identity. This property is captured in the following distinguishability game performed by a challenger \({\mathcal {C}}\) and an adversary \({\mathcal {A}}\) under a security parameter \(\kappa \).

figure s

Note that, in both test stages, \({\mathcal {C}}\) computes \(sk_{id} \leftarrow \textsf{KeyGen}(id, msk)\) the first time that id is queried and responds to all future queries on the same id with the same \(sk_{id}\). During Test Stages 1 and 2, \({\mathcal {A}}\) can choose any identity id for a key generation query, even the challenge identity \(id^*\); that is, in this game the adversary can obtain the complete private key of any identity, so this property also holds in the leakage setting. We define the advantage of \({\mathcal {A}}\) in distinguishing valid/invalid ciphertexts to be

$$\begin{aligned} \textsf{Adv}_{\text{ U-IB-HPS },{\mathcal {A}}}^{\mathrm {VI\text {-}IND}}(\kappa )=\left| \Pr [{\mathcal {A}}~\text{ wins}]-\frac{1}{2}\right| , \end{aligned}$$

where the probability is over all random bits used by the challenger and the adversary. For any probabilistic polynomial time adversary \({\mathcal {A}}\), we require that \(\textsf{Adv}_{\text{ U-IB-HPS },{\mathcal {A}}}^{\mathrm {VI\text {-}IND}}(\kappa )\le \textsf{negl}(\kappa )\).

We stress that, in the U-IB-HPS, the valid ciphertexts and the invalid ciphertexts are still indistinguishable, even if the adversary has performed the key update operation many times.

Universal U-IB-HPS. If any two private keys are created by the key generation algorithm with the same identity, then we say that these private keys are distinct, i.e., \(sk_{id}\) and \(sk_{id}^*\) are distinct if and only if \(sk_{id} \leftarrow _R \textsf{KeyGen}(id)\) and \(sk_{id}^* \leftarrow _R \textsf{KeyGen}(id)\). That is, distinct private keys must have different underlying randomness. However, the updated private key \(sk_{id}'\leftarrow _R \textsf{Update}(sk_{id})\) and the original private key \(sk_{id}\) have the same underlying randomness.

We say that a U-IB-HPS is \(\delta \)-universal if, for any fixed values of mpk, msk produced by \(\textsf{Setup}(1^\kappa )\) and any fixed \(id \in \mathcal{I}\mathcal{D}\), the following properties hold:

figure t

That means it is highly unlikely that any two distinct private keys will decapsulate an invalid ciphertext to the same value.

Continuous smooth/continuous leakage smooth U-IB-HPS. For any private key \(sk_{id}\) and updated private key \(sk_{id}'\) (where \(sk_{id}'\leftarrow \textsf{Update}(sk_{id})\)) associated with the identity id, we say that a U-IB-HPS is continuously smooth if we have

$$\begin{aligned} \textsf{SD}((C,k),(C,{\hat{k}}))\le \textsf{negl}(\kappa )~~\text{ and }~~\textsf{SD}((C,k'),(C,{\hat{k}}))\le \textsf{negl}(\kappa ), \end{aligned}$$

where \(C \leftarrow \mathsf {Encap^*}(id)\), \(k =\textsf{Decap}(C, sk_{id})\), \(k' =\textsf{Decap}(C, sk_{id}')\) and \({\hat{k}}\leftarrow _R {\mathcal {K}}\).

From now on, in the U-IB-HPS, we allow leakage of multiple keys, i.e., leakage of the master secret key and of the user's private key. Thus, a U-IB-HPS is \((l_{msk},l_{sk})\)-continuous leakage smooth if, for any efficiently computable leakage function \(f:\mathcal{S}\mathcal{K}\rightarrow \{0,1\}^{l_{sk}}\), we have

$$\begin{aligned} \textsf{SD}((C,f(sk_{id}),k),(C,f(sk_{id}),{\hat{k}}))\le & {} \textsf{negl}(\kappa ), \\ \textsf{SD}((C,f(sk_{id}'),k'),(C,f(sk_{id}'),{\hat{k}}))\le & {} \textsf{negl}(\kappa ), \end{aligned}$$

where \(C,k,k'\) and \({\hat{k}}\) are sampled as above. That means the decapsulation result of any invalid ciphertext is uniformly distributed over the encapsulated-key space even if the adversary obtains a certain amount of additional information on the user's private key and the master secret key, respectively.

Re-randomization property. A U-IB-HPS satisfies the re-randomization property if the following property holds:

For all identities \(id \in \mathcal{I}\mathcal{D}\), the distribution of a private key \(sk_{id}'\) generated by the key update algorithm \(\textsf{Update}\) is indistinguishable from the distribution of a private key \(sk_{id}\) generated by the key generation algorithm \(\textsf{KeyGen}\), i.e., for any \(sk_{id}'=\textsf{Update}(\textsf{KeyGen}(msk,id))\) and \(sk_{id}=\textsf{KeyGen}(msk,id)\), we have \(\textsf{SD}(sk_{id},sk_{id}')\le \textsf{negl}(\kappa )\), where \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\).

Invariance of update. For any identity \(id\in \mathcal{I}\mathcal{D}\), the private key \(sk_{id}\) and the updated private key \(sk_{id}'\) of \(sk_{id}\) (where \(sk_{id}'=\textsf{Update}(sk_{id})\)), we say that a U-IB-HPS enjoys invariance of update if we have

\(\textsf{Decap}(C, sk_{id})=\textsf{Decap}(C, sk_{id}')\),

where \(C \leftarrow \mathsf {Encap^*}(id)\).

Notice that the invariance of update ensures that the valid ciphertexts and the invalid ciphertexts are indistinguishable even if the adversary has performed the key update operation many times, i.e., for any adversary, the decapsulation view of any invalid ciphertext contains only the underlying randomness of the private key and is unchanged even if the key update operation is performed.

Appendix B.3: Relations between universality, smoothness and leakage-smoothness of U-IB-HPS

Now, we introduce the relations of universality, continuous smoothness and continuous leakage smoothness, as follows.

Theorem 6

Assume that a U-IB-HPS, with the encapsulated-key space \({\mathcal {K}}=\{0,1\}^{l_m}\), is \(\delta \)-universal. Then it is also \(l_{sk}\)-continuous leakage smooth as long as \(l_{sk}\le \delta -l_m-\omega (\log \kappa )\).

This follows from the leftover hash lemma and the generalized leftover hash lemma [38, 40].

Now, we will show how to convert a continuous smooth U-IB-HPS \(\Pi '= (\mathsf {Setup'},\mathsf {KeyGen'}, \mathsf {Encap'},\mathsf {Encap'^*},\mathsf {Decap'},\mathsf {Update'})\) with the encapsulated-key space \(\{0,1\}^{l_m}\) into a continuous leakage smooth U-IB-HPS \(\Pi ^*=(\textsf{Setup},\textsf{KeyGen},\textsf{Encap},\mathsf {Encap^*},\textsf{Decap},\textsf{Update})\) with the encapsulated-key space \(\{0,1\}^{l_v}\) using an average-case \((l_m-\lambda ,\varepsilon )\)-strong extractor \(\textsf{Ext}:\{0,1\}^{l_m}\times \{0,1\}^{l_t} \rightarrow \{0,1\}^{l_v}\), where \(\varepsilon \) is negligible.

figure u

Theorem 7

Let \(\Pi '=(\mathsf {Setup'},\mathsf {KeyGen'}, \mathsf {Encap'},\mathsf {Encap'^*},\mathsf {Decap'},\mathsf {Update'})\) be a smooth U-IB-HPS with the encapsulated-key space \(\{0,1\}^{l_m}\), and let \(\textsf{Ext}:\{0,1\}^{l_m} \times \{0,1\}^{l_t} \rightarrow \{0,1\}^{l_v}\) be an average-case \((l_m-\lambda ,\varepsilon )\)-strong randomness extractor for some negligible advantage \(\varepsilon \). Then, the above transformation produces a \(\lambda \)-continuous leakage smooth U-IB-HPS \(\Pi ^*\) with the encapsulated-key space \(\{0,1\}^{l_v}\), where \(\lambda \le l_m-l_v-\omega (\log \kappa )\).

Proof

The correctness, valid/invalid ciphertext indistinguishability, invariance of update and re-randomization properties of the modified scheme follow from those of the original continuous smooth U-IB-HPS \(\Pi '\). For the continuous leakage smoothness, let \(f:\mathcal{S}\mathcal{K}\rightarrow \{0,1\}^{l_{sk}}\) be a leakage function with \(l_{sk}\) bits of output. Also, we define a function \(f'(C,k^*)\) which samples the encapsulated key \(k^*\) from the distribution of ciphertext C with the private key \(sk_{id}\) by running the decapsulation algorithm \(\textsf{Decap}\) and outputs the corresponding leakage \(f(sk_{id})\) of private key \(sk_{id}\), i.e.,

$$\begin{aligned} f'(C,k^*)\equiv ~\text{ output }~k^*= \textsf{Decap}(sk_{id},C)~~\text{ and }~~f(sk_{id}). \end{aligned}$$

Then, for any fixed values of mpk, msk produced by \(\textsf{Setup}(1^\kappa )\) and any fixed identity id, we can obtain

$$\begin{aligned} (C,f(sk_{id}),k)&\equiv (C,f(sk_{id}),k=\textsf{Ext}(k^*,S))\\&\equiv (C,f'(C,k^*),k=\textsf{Ext}(k^*,S))\\&\approx (C,f'(C,U_K),k=\textsf{Ext}(U_K,S)) \end{aligned}\tag{B.1}$$
$$\begin{aligned}&\approx (C,f'(C,U_K),{\hat{k}}) \end{aligned}\tag{B.2}$$
$$\begin{aligned}&\approx (C,f'(C,k^*),{\hat{k}}) \\&\equiv (C,f(sk_{id}),{\hat{k}}), \end{aligned}\tag{B.3}$$

where \(sk_{id}=\textsf{KeyGen}(id,msk)\), \(C=\mathsf {Encap^*}(id)\), \(k^*=\textsf{Decap}(sk_{id},C)\), \(U_K \leftarrow _R \{0,1\}^{l_m}\) and \({\hat{k}} \leftarrow _R \{0,1\}^{l_v}\). Also, S is a random and independent extractor seed.

Equations (B.1) and (B.3) hold due to the definition of continuous smoothness of the underlying U-IB-HPS \(\Pi '\), and Eq. (B.2) follows from the security definition of the underlying average-case \((l_m-\lambda ,\varepsilon )\)-strong randomness extractor \(\textsf{Ext}:\{0,1\}^{l_m} \times \{0,1\}^{l_t} \rightarrow \{0,1\}^{l_v}\). Therefore, we obtain

$$\begin{aligned} \textsf{SD}((C,f(sk_{id}),k),(C,f(sk_{id}),{\hat{k}}))\le \textsf{negl}(\kappa ). \end{aligned}$$

Thus, we have

$$\begin{aligned} l_v \le l_m-\lambda -\omega (\log \kappa ) \Rightarrow \lambda \le l_m-l_v-\omega (\log \kappa ). \end{aligned}$$

\(\square \)

Notice that, according to Theorem 7, we can create a continuous leakage smooth U-IB-HPS from any smooth U-IB-HPS with an average-case strong extractor. Therefore, in our instantiations, we only need to prove the smoothness, and the continuous leakage smoothness is naturally obtained from Theorem 7.
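The properties of Appendices A.2 and B.2 and the extractor step of Theorem 7 can be observed on a small instance. The following is an added example, not code or a construction from the paper: it uses the classic two-generator DDH-style hash proof system without identities (a simplification of the identity-based setting), and the toy parameters, the demo trapdoor `W`, the low-bits leakage function and the multiply-mod-prime stand-in for \(\textsf{Ext}\) are all assumptions made for illustration.

```python
"""Toy two-generator hash proof system (no identities) with an extractor step.
Constructed demo parameters; far too small for real use."""

P, Q = 1019, 509          # P = 2Q + 1, both prime
G1 = 4                    # a square mod P, hence of order Q
W = 123                   # demo-only trapdoor: G2 = G1^W
G2 = pow(G1, W, P)


def keygen(x1, x2):
    """Return (sk, pk) with sk = (x1, x2) and pk = g1^x1 * g2^x2."""
    sk = (x1 % Q, x2 % Q)
    return sk, pow(G1, sk[0], P) * pow(G2, sk[1], P) % P


def encap(pk, r):
    """Valid ciphertext (g1^r, g2^r) and encapsulated key pk^r."""
    return (pow(G1, r, P), pow(G2, r, P)), pow(pk, r, P)


def encap_star(r, r2):
    """Invalid ciphertext (g1^r, g2^r2) with r != r2 mod Q."""
    if (r - r2) % Q == 0:
        raise ValueError("exponents must differ for an invalid ciphertext")
    return pow(G1, r, P), pow(G2, r2, P)


def decap(c, sk):
    """Decapsulate with the secret key only: u1^x1 * u2^x2."""
    return pow(c[0], sk[0], P) * pow(c[1], sk[1], P) % P


def keys_for_pk(sk):
    """All Q secret keys sharing sk's public key (what pk leaves undetermined)."""
    a = (sk[0] + W * sk[1]) % Q
    return [((a - W * x2) % Q, x2) for x2 in range(Q)]


def ext(k, seed, l_v):
    """Stand-in for Ext: multiply-mod-prime hash truncated to l_v bits."""
    return (seed * k % P) % (1 << l_v)


def leakage_sd(sk, c, leak_bits, l_v):
    """Exact SD between (f(sk), S, Ext(k*, S)) and (f(sk), S, uniform),
    where f leaks the low leak_bits bits of x2 and sk ranges over keys_for_pk."""
    groups = {}
    for cand in keys_for_pk(sk):
        groups.setdefault(cand[1] % (1 << leak_bits), []).append(decap(c, cand))
    m, total = 1 << l_v, 0.0
    for ks in groups.values():          # one group per leakage value
        for seed in range(1, P):        # every extractor seed
            counts = [0] * m
            for k in ks:
                counts[ext(k, seed, l_v)] += 1
            sd = 0.5 * sum(abs(n / len(ks) - 1 / m) for n in counts)
            total += sd * len(ks) / Q / (P - 1)
    return total


if __name__ == "__main__":
    sk, pk = keygen(5, 7)
    c_valid, k = encap(pk, 11)
    c_bad = encap_star(11, 12)
    print("correct:", decap(c_valid, sk) == k)
    print("distinct k on valid C:  ", len({decap(c_valid, s) for s in keys_for_pk(sk)}))
    print("distinct k on invalid C:", len({decap(c_bad, s) for s in keys_for_pk(sk)}))
    for lam in (0, 3, 6, 9):
        print(f"leak {lam} bits, l_v = 2: SD = {leakage_sd(sk, c_bad, lam, 2):.4f}")
```

With 9 leaked bits the toy key is fully determined and the distance reaches \(1-2^{-l_v}\); the condition \(\lambda \le l_m-l_v-\omega (\log \kappa )\) of Theorem 7 is what keeps a real scheme away from that regime.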

Appendix C: Identity-based hash proof system with two encapsulated keys

In this section, the formal definition and the details of security properties of T-IB-HPS will be reviewed.

Appendix C.1: Definition of T-IB-HPS

A T-IB-HPS consists of five probabilistic polynomial time algorithms, \(\textsf{Setup}\), \(\textsf{KeyGen}\), \(\textsf{Encap}\), \(\textsf{Encap}^*\) and \(\textsf{Decap}\), which are described in detail as follows.

figure v

Appendix C.2: Security properties of T-IB-HPS

A secure T-IB-HPS should satisfy the following security properties: correctness, universality, (leakage) smoothness and valid/invalid ciphertext indistinguishability.

(1) Correctness. For \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\) and any identity \(id \in \mathcal{I}\mathcal{D}\), we have

$$\begin{aligned} \Pr [k'_1\ne k_1 \vee k'_2\ne k_2\big |(C,k_1,k_2) \leftarrow \textsf{Encap}(id),(k'_1,k'_2) \leftarrow \textsf{Decap}(sk_{id},C) ]\le \textsf{negl}(\kappa ), \end{aligned}$$

where \(sk_{id}\leftarrow \textsf{KeyGen}(msk,id)\).

(2) Universality. For \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\) and any identity \(id\in \mathcal{I}\mathcal{D}\), if the following two properties hold, then we say that the corresponding T-IB-HPS is \(\delta \)-universal.

  • For \(sk_{id}\leftarrow \textsf{KeyGen}(msk,id)\), we have \(H_\infty (sk_{id})\ge \delta \).

  • For any two different private keys \(sk_{id}\ne sk'_{id}\) associated with the same identity id, we have

    $$\begin{aligned} \Pr [\textsf{Decap}(C^*,sk_{id})=\textsf{Decap}(C^*,sk'_{id})]\le \textsf{negl}(\kappa ), \end{aligned}$$

    where \(C^*\leftarrow \textsf{Encap}^*(id)\), \(sk_{id}\leftarrow \textsf{KeyGen}(msk,id)\) and \(sk'_{id}\leftarrow \textsf{KeyGen}(msk,id)\).

(3) Smoothness. For \((mpk,msk)\leftarrow \textsf{Setup}(1^\kappa )\) and any identity \(id\in \mathcal{I}\mathcal{D}\), we say that a T-IB-HPS is smooth if we have

$$\begin{aligned} \textsf{SD}((C^*,k'_1,k'_2),(C^*,{\hat{k}}_1,{\hat{k}}_2))\le \textsf{negl}(\kappa ), \end{aligned}$$

where \(C^*\leftarrow \textsf{Encap}^*(id)\), \(sk_{id}\leftarrow \textsf{KeyGen}(msk,id)\), \((k'_1,k'_2) \leftarrow \textsf{Decap}(sk_{id},C^*)\) and \(({\hat{k}}_1,{\hat{k}}_2) \leftarrow _R {\mathcal {K}}_1 \times {\mathcal {K}}_2\). The smoothness means that, in the T-IB-HPS, the decapsulation result of an invalid ciphertext is uniformly random in the adversary’s view, that is, it is indistinguishable from random values over the encapsulated-key space.

Let \(f:\{0,1\}\rightarrow \{0,1\}^\lambda \) be an efficiently computable leakage function. Now, based on the smoothness, the leakage smoothness of T-IB-HPS is described as follows: If we have

$$\begin{aligned} \textsf{SD}((C^*,f(sk_{id}),k'_1,k'_2),(C^*,f(sk_{id}),{\hat{k}}_1,{\hat{k}}_2))\le \textsf{negl}(\kappa ), \end{aligned}$$

where \(C^*\), \(sk_{id}\), \((k'_1,k'_2)\) and \(({\hat{k}}_1,{\hat{k}}_2)\) are sampled as above, then we say that the corresponding T-IB-HPS has leakage smoothness.

(4) Valid/invalid ciphertext indistinguishability. The valid ciphertexts created by \(\textsf{Encap}\) and the invalid ciphertexts created by \(\textsf{Encap}^*\) should be indistinguishable even given the private key of any identity (including the challenge identity).

The valid/invalid ciphertext indistinguishability is captured through the following distinguishability game \(\textsf{Exp}_{{\mathcal {C}},{\mathcal {A}}}^{\mathrm {VI\text{- }IND}}(\kappa )\), which is performed by the challenger \({\mathcal {C}}\) and an adversary \({\mathcal {A}}\), where the system environment of T-IB-HPS is created by \({\mathcal {C}}\).

figure w

where \({\mathcal {O}}^{\textsf{KeyGen}}(msk)\) denotes the key generation oracle, from which the adversary can obtain the corresponding private key \(sk_{id}\) of any identity id (including the challenge identity \(id^*\)). Note that, in both test stages, the challenger \({\mathcal {C}}\) computes \(sk_{id}\leftarrow \textsf{KeyGen}(msk,id)\) the first time that id is queried and responds to all future queries on the same id with the same \(sk_{id}\). In this game, the adversary \({\mathcal {A}}\) can choose any identity id for a key generation query, even the challenge identity \(id^*\).

For any probabilistic polynomial time adversary \({\mathcal {A}}\), the advantage of \({\mathcal {A}}\) in the above game \(\textsf{Exp}_{{\mathcal {C}},{\mathcal {A}}}^{\mathrm {VI\text{- }IND}}(\kappa )\) is defined as follows:

$$\begin{aligned} \textsf{Adv}_{\mathrm {T\text{- }IB\text{- }HPS}}^{\mathrm {VI\text{- }IND}}(\kappa ,\lambda )=\Big |\Pr [\textsf{Exp}_{{\mathcal {C}},{\mathcal {A}}}^{\mathrm {VI\text{- }IND}}(\lambda ,\kappa )=1]-\frac{1}{2}\Big |, \end{aligned}$$

where the probability is over all random bits used by \({\mathcal {A}}\) and \({\mathcal {C}}\).

Definition 6

(Valid/invalid ciphertext indistinguishability of T-IB-HPS) For any probabilistic polynomial time adversary \({\mathcal {A}}\), if the advantage \(\textsf{Adv}_{\mathrm {T\text{- }IB\text{- }HPS}}^{\mathrm {VI\text{- }IND}}(\kappa ,\lambda )\) of \({\mathcal {A}}\) in the above game \(\textsf{Exp}_{{\mathcal {C}},{\mathcal {A}}}^{\mathrm {VI\text{- }IND}}(\kappa )\) is negligible, then we say that the corresponding T-IB-HPS \(\Pi =(\textsf{Setup},\textsf{KeyGen},\textsf{Encap},\textsf{Encap}^*,\textsf{Decap})\) has valid/invalid ciphertext indistinguishability under chosen key attacks.

Appendix C.3: The relation between universality, smoothness and leakage smoothness of T-IB-HPS

In this subsection, the relation between universality, smoothness and leakage smoothness is described. Theorem 8 shows that a universal T-IB-HPS is also leakage smooth when the corresponding parameters satisfy certain conditions. Theorem 9 shows that a leakage smooth T-IB-HPS can be created from the combination of a smooth T-IB-HPS and two strong randomness extractors.

Theorem 8

If \(\Pi =(\textsf{Setup},\textsf{KeyGen},\textsf{Encap},\textsf{Encap}^*,\textsf{Decap})\) is a universal T-IB-HPS, and the corresponding encapsulated key space is \({\mathcal {K}}_1\times {\mathcal {K}}_2=\{0,1\}^{l_1}\times \{0,1\}^{l_2}\), then it is also a \(\lambda \)-leakage smooth T-IB-HPS, where \(\lambda \le \delta -l_1-l_2-\omega (\log \kappa )\).

Theorem 8 can be proved based on the leftover hash lemma [40].

Based on the corresponding conclusions of IB-HPS, we can create a leakage smooth T-IB-HPS from a smooth T-IB-HPS by performing the following operations.

figure x

Theorem 9

If \(\Pi '=(\textsf{Setup}',\textsf{KeyGen}',\textsf{Encap}',\textsf{Encap}'^*,\textsf{Decap}')\) is a smooth T-IB-HPS, and \(\textsf{Ext}_1:\{0,1\}^{l'_1}\times \{0,1\}^{l_t} \rightarrow \{0,1\}^{l_1}\) and \(\textsf{Ext}_2:\{0,1\}^{l'_2}\times \{0,1\}^{l_t} \rightarrow \{0,1\}^{l_2}\) are two average-case \((l'_1-\lambda ,\varepsilon _1)\) and \((l'_2-\lambda ,\varepsilon _2)\)-strong randomness extractors, then, for any leakage parameter \(\lambda \le \textsf{min}\{l'_1-l_1-\omega (\log \kappa ),l'_2-l_2-\omega (\log \kappa )\}\), the above construction is a \(\lambda \)-leakage smooth T-IB-HPS.

The proof of Theorem 9 is similar to that of Theorem 7. The reader is referred to Appendix B for a similar proof.

Appendix D: Difference Lemma

In this section, we review the difference lemma.

Lemma 2

(Difference lemma) Let \({\mathcal {E}}_1\), \({\mathcal {E}}_2\) and \({\mathcal {F}}\) be events defined in some probability distribution, and suppose that \(\Pr [{\mathcal {E}}_1|\overline{{\mathcal {F}}}]=\Pr [{\mathcal {E}}_2|\overline{{\mathcal {F}}}]\). Then, \(\Big |\Pr [{\mathcal {E}}_1]-\Pr [{\mathcal {E}}_2]\Big |\le \Pr [{\mathcal {F}}]\).

Proof

We have

$$\begin{aligned} \Pr [{\mathcal {E}}_1]-\Pr [{\mathcal {E}}_2]&=\Pr [{\mathcal {E}}_1|{\mathcal {F}}]+\Pr [{\mathcal {E}}_1|\overline{{\mathcal {F}}}]-\Pr [{\mathcal {E}}_2|{\mathcal {F}}]-\Pr [{\mathcal {E}}_2|\overline{{\mathcal {F}}}]\\&=\Pr [{\mathcal {E}}_1|{\mathcal {F}}]-\Pr [{\mathcal {E}}_2|{\mathcal {F}}]\\&\le \Pr [{\mathcal {F}}]. \end{aligned}$$

The second equality follows from \(\Pr [{\mathcal {E}}_1|\overline{{\mathcal {F}}}]=\Pr [{\mathcal {E}}_2|\overline{{\mathcal {F}}}]\). The final inequality follows from the fact that both \(\Pr [{\mathcal {E}}_1|{\mathcal {F}}]\) and \(\Pr [{\mathcal {E}}_2|{\mathcal {F}}]\) are numbers between 0 and \(\Pr [{\mathcal {F}}]\). \(\square \)
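
Added derivation (not from the paper): the same argument written with joint events, under the hypothesis \(\Pr [{\mathcal {E}}_1\wedge \overline{{\mathcal {F}}}]=\Pr [{\mathcal {E}}_2\wedge \overline{{\mathcal {F}}}]\), which is the form in which each remaining term is bounded by \(\Pr [{\mathcal {F}}]\):

$$\begin{aligned} \Big |\Pr [{\mathcal {E}}_1]-\Pr [{\mathcal {E}}_2]\Big |&=\Big |\Pr [{\mathcal {E}}_1\wedge {\mathcal {F}}]+\Pr [{\mathcal {E}}_1\wedge \overline{{\mathcal {F}}}]-\Pr [{\mathcal {E}}_2\wedge {\mathcal {F}}]-\Pr [{\mathcal {E}}_2\wedge \overline{{\mathcal {F}}}]\Big |\\&=\Big |\Pr [{\mathcal {E}}_1\wedge {\mathcal {F}}]-\Pr [{\mathcal {E}}_2\wedge {\mathcal {F}}]\Big |\\&\le \Pr [{\mathcal {F}}], \end{aligned}$$

where the last step uses \(0\le \Pr [{\mathcal {E}}_i\wedge {\mathcal {F}}]\le \Pr [{\mathcal {F}}]\) for \(i\in \{1,2\}\).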

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Cite this article

Zhou, Y., Yang, B., Qiao, Z. et al. Leakage-resilient identity-based cryptography from minimal assumptions. Des. Codes Cryptogr. 91, 3757–3801 (2023). https://doi.org/10.1007/s10623-023-01268-8
