Secure Blind Decryption

  • Matthew Green
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6571)

Abstract

In this work we construct public key encryption schemes that admit a protocol for blindly decrypting ciphertexts. In a blind decryption protocol, a user with a ciphertext interacts with a secret keyholder such that the user obtains the decryption of the ciphertext and the keyholder learns nothing about what it decrypted. While we are not the first to consider this problem, previous works provided only weak security guarantees against malicious users. We provide, to our knowledge, the first practical blind decryption schemes that are secure under a strong CCA security definition. We prove our construction secure in the standard model under simple, well-studied assumptions in bilinear groups. To motivate the usefulness of this primitive we discuss several applications including privacy-preserving distributed file systems and Oblivious Transfer schemes that admit public contribution.

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Matthew Green
    • 1
  1. 1.Information Security InstituteJohns Hopkins UniversityBaltimoreUSA

Personalised recommendations