
Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening

  • Mihir Bellare
  • Dennis Hofheinz
  • Scott Yilek
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5479)

Abstract

The existence of encryption and commitment schemes secure under selective opening attack (SOA) has remained open despite considerable interest and attention. We provide the first public key encryption schemes secure against sender corruptions in this setting. The underlying tool is lossy encryption. We then show that no non-interactive or perfectly binding commitment schemes can be proven secure with black-box reductions to standard computational assumptions, but any statistically hiding commitment scheme is secure. Our work thus shows that the situation for encryption schemes is very different from the one for commitment schemes.
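To make the abstract's central tool concrete, the following is an added toy implementation, written for this page and not taken from the paper, of a DDH-style lossy encryption scheme for single bits. A key comes in two modes that are indistinguishable under DDH: in injective mode decryption works and the ciphertext commits to the bit; in lossy mode the ciphertext is statistically independent of the bit, and whoever holds the key-generation trapdoor can "open" any ciphertext as an encryption of either bit by solving a 2x2 linear system over Z_q. That equivocation is what a selective-opening simulator needs when a corrupted sender must reveal its coins. The group (p = 2039, q = 1019, g = 4), the function names and the trapdoor layout are constructed for illustration; the parameters are far too small to be secure.

```python
"""Toy DDH-based lossy encryption of bits (constructed example, not the paper's code).
The group is tiny and insecure; it only serves to show the two key modes."""
import secrets

P = 2039   # safe prime, P = 2*Q + 1 (toy size, assumed for illustration)
Q = 1019   # prime order of the subgroup we work in
G = 4      # generator of the order-Q subgroup of Z_P^* (4 = 2^2 is a quadratic residue)


def rand_exp() -> int:
    """Uniform exponent in Z_Q^* (nonzero, so the linear map in open_to is invertible)."""
    return 1 + secrets.randbelow(Q - 1)


def rand_coins() -> int:
    """Uniform encryption randomness in Z_Q (zero allowed)."""
    return secrets.randbelow(Q)


def keygen(lossy: bool):
    """Return (pk, trapdoor).  pk = (g, h, u, v) with h = g^a, u = g^x.
    Injective: v = h^x, so (g, h, u, v) is a DDH tuple and x decrypts.
    Lossy:     v = h^x' for an independent x' != x, so the tuple is random.
    Telling the two modes apart without the trapdoor is exactly the DDH problem."""
    a, x = rand_exp(), rand_exp()
    x2 = x
    if lossy:
        while x2 == x:
            x2 = rand_exp()
    h = pow(G, a, P)
    pk = (G, h, pow(G, x, P), pow(h, x2, P))
    return pk, {"a": a, "x": x, "x2": x2, "lossy": lossy}


def encrypt(pk, bit: int, r: int, s: int):
    """Enc(pk, bit; r, s) = (g^r h^s,  u^r v^s g^bit).  In exponents of g:
    c1 = g^(r + a s),  c2 = g^(x r + a x' s + bit)  (x' = x in injective mode)."""
    g, h, u, v = pk
    c1 = pow(g, r, P) * pow(h, s, P) % P
    c2 = pow(u, r, P) * pow(v, s, P) * pow(g, bit, P) % P
    return (c1, c2)


def decrypt(td, ct) -> int:
    """Injective mode only: c2 / c1^x = g^bit.  (pow with a negative exponent needs Python 3.8+.)"""
    c1, c2 = ct
    m = c2 * pow(c1, -td["x"], P) % P
    if m == 1:
        return 0
    if m == G:
        return 1
    raise ValueError("not a well-formed encryption of a bit under this key")


def is_injective(pk, a: int) -> bool:
    """With the trapdoor exponent a one can check v == u^a, i.e. whether (g,h,u,v) is DDH."""
    _, _, u, v = pk
    return pow(u, a, P) == v


def open_to(td, r: int, s: int, bit: int, target: int):
    """Efficient opening in lossy mode: find (r', s') with
       Enc(pk, target; r', s') == Enc(pk, bit; r, s).
    Matching exponents of c1 and c2 gives the linear system over Z_Q
       r' + a s'        = r + a s
       x r' + a x' s'   = x r + a x' s + (bit - target)
    whose determinant a (x' - x) is nonzero exactly when the key is lossy."""
    if not td["lossy"]:
        raise ValueError("injective keys are perfectly binding: no alternative opening exists")
    a, x, x2 = td["a"], td["x"], td["x2"]
    t1 = (r + a * s) % Q
    t2 = (x * r + a * x2 * s + (bit - target)) % Q
    inv_det = pow((a * (x2 - x)) % Q, -1, Q)
    # inverse of [[1, a], [x, a*x2]] applied to (t1, t2)
    r2 = ((a * x2 * t1 - a * t2) * inv_det) % Q
    s2 = ((t2 - x * t1) * inv_det) % Q
    return r2, s2


def demo() -> bool:
    """Injective keys decrypt; lossy keys let the trapdoor holder reopen a ciphertext as either bit."""
    pk, td = keygen(lossy=False)
    r, s = rand_coins(), rand_coins()
    assert is_injective(pk, td["a"]) and decrypt(td, encrypt(pk, 1, r, s)) == 1

    pk, td = keygen(lossy=True)
    ct = encrypt(pk, 0, r, s)                 # honestly an encryption of 0 ...
    r2, s2 = open_to(td, r, s, 0, 1)
    assert not is_injective(pk, td["a"])
    assert encrypt(pk, 1, r2, s2) == ct       # ... but opens as an encryption of 1
    return True


if __name__ == "__main__":
    print("lossy encryption demo ok:", demo())
```

The opening step is the whole point: a simulator that hands the adversary lossy-mode ciphertexts can later produce consistent coins for whatever plaintexts the adversary's selective corruptions force it to reveal, while the real scheme, using injective keys, is indistinguishable from that simulation under DDH. Note that injective-mode ciphertexts are perfectly binding (open_to refuses them), which is exactly the property the abstract's impossibility result for perfectly binding commitments turns on.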

Keywords

Encryption scheme, random oracle, commitment scheme, impossibility result, probabilistic polynomial time


Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Mihir Bellare, Dept. of Computer Science & Engineering, University of California at San Diego, La Jolla, USA
  • Dennis Hofheinz, CWI, Amsterdam
  • Scott Yilek, Dept. of Computer Science & Engineering, University of California at San Diego, La Jolla, USA
