Subtleties in Security Definitions for Predicate Encryption with Public Index

  • Johannes Blömer
  • Gennadij Liske
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10693)

Abstract

We take a critical look at established security definitions for predicate encryption (PE) with public index under chosen-plaintext attack (CPA) and under chosen-ciphertext attack (CCA). We identify three different formalizations of key handling in the literature, implicitly assumed to lead to the same security notion. Contrary to this assumption, we prove that the corresponding models result in two different security notions under CPA and three different security notions under CCA. Similarly to the recent results for public-key encryption (PKE) and conventional key-encapsulation mechanism (KEM), we analyze subtleties in the security definitions for PE and predicate key-encapsulation mechanism (P-KEM) regarding the so-called “no-challenge-decryption” condition. While the results for PE and PKE are similar, the results for P-KEM significantly differ from the corresponding results for conventional KEM. As a consequence of our work, we suggest security definitions for PE and P-KEM under different attack scenarios.

Keywords

Predicate encryption with public index; Key-encapsulation mechanism; Chosen-plaintext attack; Chosen-ciphertext attack

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Paderborn University, Paderborn, Germany
