Geodesic
Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited
International Journal of Applied Mathematics and Computer Science, Tome 25 (2015) no. 2, pp. 415-430.

Voir la notice de l'article provenant de la source Library of Science

Fehr et al. (2010) proposed the first sender-equivocable encryption scheme secure against chosen-ciphertext attacks (NCCCA) and proved that NC-CCA security implies security against selective opening chosen-ciphertext attacks (SO-CCA). The NC-CCA security proof of the scheme relies on security against substitution attacks of a new primitive, the “cross-authentication code”. However, the security of the cross-authentication code cannot be guaranteed when all the keys used in the code are exposed. Our key observation is that, in the NC-CCA security game, the randomness used in the generation of the challenge ciphertext is exposed to the adversary. Based on this observation, we provide a security analysis of Fehr et al.'s scheme, showing that its NC-CCA security proof is flawed. We also point out that the scheme of Fehr et al. encrypting a single-bit plaintext can be refined to achieve NC-CCA security, free of the cross-authentication code. Furthermore, we propose the notion of “strong cross-authentication code”, apply it to Fehr et al. 's scheme, and show that the new version of the latter achieves NC-CCA security for multi-bit plaintexts.
Keywords: sender equivocable encryption, chosen ciphertext attack, cross authentication code 
@article{IJAMCS_2015_25_2_a17,
     author = {Huang, Z. and Liu, S. and Qin, B. and Chen, K.},
     title = {Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited},
     journal = {International Journal of Applied Mathematics and Computer Science},
     pages = {415--430},
     publisher = {mathdoc},
     volume = {25},
     number = {2},
     year = {2015},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/IJAMCS_2015_25_2_a17/}
}
TY  - JOUR
AU  - Huang, Z.
AU  - Liu, S.
AU  - Qin, B.
AU  - Chen, K.
TI  - Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited
JO  - International Journal of Applied Mathematics and Computer Science
PY  - 2015
SP  - 415
EP  - 430
VL  - 25
IS  - 2
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/IJAMCS_2015_25_2_a17/
LA  - en
ID  - IJAMCS_2015_25_2_a17
ER  - 
%0 Journal Article
%A Huang, Z.
%A Liu, S.
%A Qin, B.
%A Chen, K.
%T Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited
%J International Journal of Applied Mathematics and Computer Science
%D 2015
%P 415-430
%V 25
%N 2
%I mathdoc
%U http://geodesic.mathdoc.fr/item/IJAMCS_2015_25_2_a17/
%G en
%F IJAMCS_2015_25_2_a17
Huang, Z.; Liu, S.; Qin, B.; Chen, K. Sender-equivocable encryption schemes secure against chosen-ciphertext attacks revisited. International Journal of Applied Mathematics and Computer Science, Tome 25 (2015) no. 2, pp. 415-430. http://geodesic.mathdoc.fr/item/IJAMCS_2015_25_2_a17/

[1] Bellare, M., Dowsley, R., Waters, B. and Yilek, S. (2012). Standard security does not imply security against selective-opening, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 645–662.

[2] Bellare, M., Hofheinz, D. and Yilek, S. (2009). Possibility and impossibility results for encryption and commitment secure under selective opening, in A. Joux (Ed.), Advances in Cryptology—EUROCRYPT 2009, Springer, Berlin/Heidelberg, pp. 1–35.

[3] Bellare, M., Waters, B. and Yilek, S. (2011). Identity-based encryption secure against selective opening attack, in Y. Ishai (Ed.), Theory of Cryptography, Springer, Berlin/Heidelberg, pp. 235–252.

[4] Böhl, F., Hofheinz, D. and Kraschewski, D. (2012). On definitions of selective opening security, in M. Fischlin, J. Buchmann and M. Manulis (Eds.), Public Key Cryptography—PKC 2012, Springer, Berlin/Heidelberg, pp. 522–539.

[5] Canetti, R., Friege, U., Goldreich, O. and Naor, M. (1996). Adaptively secure multi-party computation, Technical report, Massachusetts Institute of Technology, Cambridge, MA.

[6] Cramer, R. and Shoup, V. (2002). Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in L.R. Knudsen (Ed.), Advances in Cryptology—EUROCRYPT 2002, Springer, Berlin/Heidelberg, pp. 45–64.

[7] Fehr, S., Hofheinz, D., Kiltz, E. and Wee, H. (2010). Encryption schemes secure against chosen-ciphertext selective opening attacks, in H. Gilbert (Ed.), Advances in Cryptology—EUROCRYPT 2010, Berlin/Heidelberg, Springer, pp. 381–402.

[8] Gao, C.-z., Xie, D. and Wei, B. (2012). Deniable encryptions secure against adaptive chosen ciphertext attack, in M.D. Ryan, B. Smyth and G. Wang (Eds.), Information Security Practice and Experience, Springer, Berlin/Heidelberg, pp. 46–62.

[9] Hemenway, B., Libert, B., Ostrovsky, R. and Vergnaud, D. (2011). Lossy encryption: Constructions from general assumptions and efficient selective opening chosen ciphertext security, in D.H. Lee and X. Wang (Eds.), Advances in Cryptology—ASIACRYPT 2011, Springer, Berlin/Heidelberg, pp. 70–88.

[10] Hofheinz, D. (2012). All-but-many lossy trapdoor functions, in D. Pointcheval and T. Johansson (Eds.), Advances in Cryptology—EUROCRYPT 2012, Springer, Berlin/Heidelberg, pp. 209–227.

[11] Myers, S. and Shelat, A. (2009). Bit encryption is complete, 50th Annual IEEE Symposium on Foundations of Computer Science, FOCS’09, Atlanta, GA, USA, pp. 607–616.

[12] Peikert, C. and Waters, B. (2011). Lossy trapdoor functions and their applications, SIAM Journal on Computing 40(6): 1803–1844.