Completely non-malleable encryption revisited

Authors:
Carmine Ventre;Ivan Visconti
Affiliations:
Dipartimento di Informatica ed Applicazioni, Università di Salerno, Fisciano, SA, Italy;Dipartimento di Informatica ed Applicazioni, Università di Salerno, Fisciano, SA, Italy
Venue:
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Year:
2008

Citing 15
Cited 6

One-way functions are necessary and sufficient for secure signatures

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Non-malleable cryptography

STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Concurrent zero-knowledge

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security

FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Efficient cryptographic protocols preventing "man-in-the-middle" attacks

Efficient cryptographic protocols preventing "man-in-the-middle" attacks
On the (In)security of the Fiat-Shamir Paradigm

FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
New and improved constructions of non-malleable cryptographic protocols

Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Concurrent Non-Malleable Commitments

FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Concurrent Non-Malleable Zero Knowledge

FOCS '06 Proceedings of the 47th Annual IEEE Symposium on Foundations of Computer Science
Efficient and non-malleable proofs of plaintext knowledge and applications

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Completely non-malleable schemes

ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming

Efficient completely non-malleable public key encryption

ICALP'10 Proceedings of the 37th international colloquium conference on Automata, languages and programming
Relations among notions of complete non-malleability: indistinguishability characterisation and efficient construction without random oracles

ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Strong knowledge extractors for public-key encryption schemes

ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Lattice-based completely non-malleable PKE in the standard model

ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Strong security notions for timed-release public-key encryption revisited

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Lattice-based completely non-malleable public-key encryption in the standard model

Designs, Codes and Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

Several security notions for public-key encryption schemes have been proposed so far, in particular considering the powerful adversary that can play a so called "man-in-the-middle" attack. In this paper we extend the notion of completely non-malleable encryption introduced in [Fischlin, ICALP 05]. This notion immunizes a scheme from adversaries that can generate related ciphertexts under new public keys. This notion is motivated by its powerful features when encryption schemes are used as subprotocols. While in [Fischlin, ICALP 05] the only notion of simulation-based completely non-malleable encryption with respect to CCA2 adversaries was given, we present new game-based definitions for completely non-malleable encryption that follow the standard separations among NM-CPA, NM-CCA1 and NM-CCA2 security given in [Bellare et al., CRYPTO 98]. This is motivated by the fact that in several cases, the simplest notion we introduce (i.e., NM-CPA*) in several cases suffices for the main application that motivated the introduction of the notion of NM-CCA2* security, i.e., the design of nonmalleable commitment schemes. Further the game-based definition of NM-CPA* security actually implies the simulation-based one. We then focus on constructing encryption schemes that satisfy these strong security notions and show: 1) an NM-CCA2* secure encryption scheme in the shared random string model; 2) an NM-CCA2* secure encryption scheme in the plain model; for this second result, we use interaction and non-black-box techniques to overcome an impossibility result. Our results clarify the importance of these stronger notions of encryption schemes and show how to construct them without requiring random oracles.