Towards Restricting Plaintext Space in Public Key Encryption
This paper investigates methods that allow a third-party authority to control contents transmitted using a public key infrastructure. Since public key encryption schemes are normally designed not to leak even partial information of plaintext, traditional public key encryption schemes do not allow such controlling by an authority. In the proposed schemes, an authority specifies some set of forbidden messages, and anyone can detect a ciphertext that encrypts one of the forbidden messages. The syntax of public key encryption with such a functionality (restrictive public key encryption), formal definitions of security requirement for restrictive public key encryption schemes, and an efficient construction of restrictive public key encryption are given.
In principle, restrictive public key encryption schemes can be constructed by adding an NIZK proof that proves whether the encrypted messages are not prohibited. However if one uses the general NIZK technique to construct such a non-interactive proof, the scheme becomes extremely inefficient. In order to avoid such an inefficient construction, the construction given in this paper uses techniques of Teranishi et al., Boudot, and Nakanishi et al.
One of the possible applications of restrictive public key encryption is protecting a public key infrastructure from abuse by terrorists by disallowing encryption of crime-related keywords. Another example is to perform format-check of a ballot in an electronic voting, by disallowing encryption of irregular format voting.
KeywordsSignature Scheme Message Space Challenge Ciphertext Decryption Oracle Bilinear Group
Unable to display preview. Download preview PDF.
- 9.Cramer, R.: Modular Design of Secure yet Practical Cryptographic Protocols. PhD thesis, CWI and Uni. of Amsterdam (November 1996)Google Scholar
- 10.Damgård, I.: On Σ-protocol. Cryptologic Protocol Theory, CPT 2010, v.2 (2010), http://www.daimi.au.dk/~ivan/Sigma.pdf
- 17.Tate, S.R., Vishwanathan, R.: Improving cut-and-choose in verifiable encryption and fair exchange protocols using trusted computing technology. In: DBSec, pp. 252–267 (2009)Google Scholar