DOI: 10.1145/2484313.2484385

Proof of plaintext knowledge for code-based public-key encryption revisited

Published: 08 May 2013

Abstract

In a recent paper at Asiacrypt 2012, Jain et al. [21] point out that Véron's code-based identification scheme [35] is not perfect zero-knowledge. In particular, this creates a gap in the security arguments of the proof of plaintext knowledge (PPK) and the verifiable encryption for the McEliece public-key encryption (PKE) proposed by Morozov and Takagi at ACISP 2012 [26]. We fix the latter result by showing that a PPK for the code-based Niederreiter and McEliece PKEs can be constructed from Stern's zero-knowledge identification scheme [34], which is unaffected by the above-mentioned problem. Since code-based verifiable encryption uses a PPK as its main ingredient, our proposal also fixes the McEliece verifiable encryption. In addition, we present a Niederreiter verifiable encryption.
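The construction the abstract refers to is small enough to see end to end. The following is an added worked example written for this page, not code from the paper or its authors: a toy Niederreiter instance (public parity-check matrix H, constant-weight plaintext e, ciphertext s = H e^T) and Stern's three-pass protocol run on the public key and the ciphertext, so that it acts as a proof of plaintext knowledge for s. Everything in it is an assumption of the example rather than of the paper: H is a random binary matrix instead of a disguised Goppa parity-check matrix (so there is no trapdoor and nobody can decrypt), the commitment is SHA-256 over a fresh random nonce, the parameters N, R, T are tiny, and the function names are the example's own.

```python
"""Added toy example: Stern's 3-pass protocol as a proof of plaintext knowledge
(PPK) for a Niederreiter ciphertext.  Niederreiter: public key H (R x N over
GF(2)), plaintext e of Hamming weight exactly T, ciphertext s = H e^T.  Stern's
protocol proves knowledge of a weight-T e with H e^T = s without revealing e,
so run on (H, s) it is a PPK for s.  Assumptions of this example: H is random
(no Goppa trapdoor, nobody can decrypt); commitments are SHA-256 over a nonce."""
import hashlib
import os
import random

N, R, T = 24, 12, 3  # code length, syndrome length, plaintext (error) weight

def syndrome(H, v):
    """s = H v^T over GF(2); H is a list of rows, v a list of bits."""
    return [sum(h * x for h, x in zip(row, v)) % 2 for row in H]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def permute(sigma, v):
    """Apply permutation sigma: output position i takes v[sigma[i]]."""
    return [v[sigma[i]] for i in range(len(v))]

def commit(*parts):
    """Hash commitment to a tuple of lists; returns (digest, nonce)."""
    nonce = os.urandom(16)
    return hashlib.sha256(nonce + repr(parts).encode()).digest(), nonce

def opens_to(digest, nonce, *parts):
    return hashlib.sha256(nonce + repr(parts).encode()).digest() == digest

def random_weight_t(rng):
    e = [0] * N
    for i in rng.sample(range(N), T):
        e[i] = 1
    return e

def keygen_and_encrypt(rng):
    """Toy instance: random public H, weight-T plaintext e, ciphertext s."""
    H = [[rng.randrange(2) for _ in range(N)] for _ in range(R)]
    e = random_weight_t(rng)
    return H, e, syndrome(H, e)

def prover_commit(H, e, rng):
    """Pass 1: random y and permutation sigma; send (c1, c2, c3)."""
    y = [rng.randrange(2) for _ in range(N)]
    sigma = list(range(N))
    rng.shuffle(sigma)
    c1, n1 = commit(sigma, syndrome(H, y))      # binds sigma and H y^T
    c2, n2 = commit(permute(sigma, y))          # binds sigma(y)
    c3, n3 = commit(permute(sigma, xor(y, e)))  # binds sigma(y + e)
    return (c1, c2, c3), {"y": y, "sigma": sigma, "e": e, "nonces": (n1, n2, n3)}

def prover_respond(state, b):
    """Pass 3: open the two commitments selected by challenge b in {0, 1, 2}."""
    y, sigma, e = state["y"], state["sigma"], state["e"]
    n1, n2, n3 = state["nonces"]
    if b == 0:
        return y, sigma, n1, n2
    if b == 1:
        return xor(y, e), sigma, n1, n3
    return permute(sigma, y), permute(sigma, e), n2, n3

def verify(H, s, coms, b, resp):
    """Verifier's check. It never learns e: it sees y, or y+e, or sigma(e)."""
    c1, c2, c3 = coms
    if b == 0:
        y, sigma, n1, n2 = resp
        return opens_to(c1, n1, sigma, syndrome(H, y)) and opens_to(c2, n2, permute(sigma, y))
    if b == 1:
        ye, sigma, n1, n3 = resp
        # H(y+e)^T + s == H y^T exactly when H e^T == s: ties the proof to the ciphertext.
        return opens_to(c1, n1, sigma, xor(syndrome(H, ye), s)) and opens_to(c3, n3, permute(sigma, ye))
    sy, se, n2, n3 = resp
    # sigma(y) + sigma(e) == sigma(y+e); the weight check makes e a valid plaintext.
    return opens_to(c2, n2, sy) and opens_to(c3, n3, xor(sy, se)) and sum(se) == T

def run_ppk(H, s, e, rounds, rng):
    """Interactive PPK; a cheater can answer at most two of the three
    challenges, so the soundness error after `rounds` rounds is (2/3)^rounds."""
    for _ in range(rounds):
        coms, state = prover_commit(H, e, rng)
        b = rng.randrange(3)
        if not verify(H, s, coms, b, prover_respond(state, b)):
            return False
    return True

def challenge_outcomes(H, s, e_claimed, rng):
    """Diagnostic only: answer all three challenges from a single commitment."""
    coms, state = prover_commit(H, e_claimed, rng)
    return tuple(verify(H, s, coms, b, prover_respond(state, b)) for b in range(3))

def demo(seed=2013):
    rng = random.Random(seed)
    H, e, s = keygen_and_encrypt(rng)
    guess = random_weight_t(rng)            # cheater 1: weight T, wrong syndrome
    while syndrome(H, guess) == s:
        guess = random_weight_t(rng)
    j = next(j for j in range(N) if e[j] == 0 and any(row[j] for row in H))
    heavy = e[:j] + [1] + e[j + 1:]         # cheater 2: weight T + 1, wrong syndrome
    return {"honest_30_rounds": run_ppk(H, s, e, 30, rng),
            "honest": challenge_outcomes(H, s, e, rng),              # (True, True, True)
            "wrong_plaintext": challenge_outcomes(H, s, guess, rng),  # (True, False, True)
            "overweight": challenge_outcomes(H, s, heavy, rng)}       # (True, False, False)
```

Calling demo() shows the honest prover passing all three challenges, a prover holding a weight-T vector with the wrong syndrome failing challenge 1, and a prover holding a weight-(T+1) vector failing challenges 1 and 2; challenge 0 never involves e, which is why neither cheater is caught there and why a real verifier asks one random challenge per round and repeats. For McEliece, where c = mG + e and the parity-check matrix H of the public code satisfies HG^T = 0, one has H c^T = H e^T, so the same protocol run on (H, H c^T) proves knowledge of e and therefore of m; that linear-algebra link is this editor's note on why one protocol serves both schemes, not a description of how the paper carries it out.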

References

[1] Y. Aumann, M. O. Rabin. A Proof of Plaintext Knowledge Protocol and Applications. Manuscript, June 2001. Available as slides from the 1998 IACR Distinguished Lecture by M. O. Rabin: http://www.iacr.org/publications/dl/rabin98/rabin98slides.ps
[2] N. Asokan, V. Shoup, M. Waidner. Optimistic Fair Exchange of Digital Signatures (Extended Abstract). EUROCRYPT 1998: 591--606.
[3] A. Becker, A. Joux, A. May, A. Meurer. Decoding Random Binary Linear Codes in 2^(n/20): How 1 + 1 = 0 Improves Information Set Decoding. EUROCRYPT 2012: 520--536.
[4] M. Bellare, P. Rogaway. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. ACM CCS 1993: 62--73.
[5] R. Bendlin, I. Damgård. Threshold Decryption and Zero-Knowledge Proofs for Lattice-Based Cryptosystems. TCC 2010: 201--218.
[6] D. J. Bernstein, T. Lange, C. Peters. Wild McEliece. SAC 2010: 143--158.
[7] E. Berlekamp, R. McEliece, H. van Tilborg. On the Inherent Intractability of Certain Coding Problems. IEEE Trans. Inf. Theory 24, 1978: 384--386.
[8] D. J. Bernstein. Grover vs. McEliece. PQCrypto 2010: 73--80.
[9] D. J. Bernstein, T. Lange, C. Peters. Smaller Decoding Exponents: Ball-Collision Decoding. CRYPTO 2011: 743--760.
[10] J. Camenisch, I. Damgård. Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes. ASIACRYPT 2000: 331--345.
[11] J. Camenisch, V. Shoup. Practical Verifiable Encryption and Decryption of Discrete Logarithms. CRYPTO 2003: 126--144.
[12] P.-L. Cayrel, M. Meziani. Post-quantum Cryptography: Code-Based Signatures. AST/UCMA/ISA/ACN 2010: 82--99.
[13] T. Cover. Enumerative Source Encoding. IEEE Trans. Inf. Theory 19(1), January 1973: 73--77.
[14] R. Dowsley, J. van de Graaf, J. Müller-Quade, A. C. A. Nascimento. Oblivious Transfer Based on the McEliece Assumptions. ICITS 2008: 107--117.
[15] D. Engelbert, R. Overbeck, A. Schmidt. A Summary of McEliece-Type Cryptosystems and their Security. Journal of Mathematical Cryptology 1, Walter de Gruyter, 2007: 151--199.
[16] J.-C. Faugère, V. Gauthier-Umaña, A. Otmani, L. Perret, J.-P. Tillich. A Distinguisher for High Rate McEliece Cryptosystems. IEEE Information Theory Workshop (ITW) 2011: 282--286.
[17] M. Finiasz, N. Sendrier. Security Bounds for the Design of Code-Based Cryptosystems. ASIACRYPT 2009: 88--105.
[18] Z. Galil, S. Haber, M. Yung. Symmetric Public-Key Encryption. CRYPTO 1985: 128--137.
[19] O. Goldreich. Foundations of Cryptography I: Basic Tools. Cambridge University Press, 2001.
[20] S. Goldwasser, D. Kharchenko. Proof of Plaintext Knowledge for the Ajtai-Dwork Cryptosystem. TCC 2005: 529--555.
[21] A. Jain, S. Krenn, K. Pietrzak, A. Tentes. Commitments and Efficient Zero-Knowledge Proofs from Learning Parity with Noise. ASIACRYPT 2012: 663--680.
[22] J. Katz. Efficient and Non-malleable Proofs of Plaintext Knowledge and Applications. EUROCRYPT 2003: 211--228.
[23] K. Kobara, K. Morozov, R. Overbeck. Coding-Based Oblivious Transfer. MMICS 2008: 142--156.
[24] Y. X. Li, R. H. Deng, X. M. Wang. The Equivalence of McEliece's and Niederreiter's Public-Key Cryptosystems. IEEE Trans. Inf. Theory 40, 1994: 271--273.
[25] R. J. McEliece. A Public-Key Cryptosystem Based on Algebraic Coding Theory. Deep Space Network Progress Report 42-44, 1978: 114--116.
[26] K. Morozov, T. Takagi. Zero-Knowledge Protocols for the McEliece Encryption. ACISP 2012: 180--193.
[27] H. Niederreiter. Knapsack-type Cryptosystems and Algebraic Coding Theory. Problems of Control and Information Theory 15(2), 1986: 159--166.
[28] R. Nojima, H. Imai, K. Kobara, K. Morozov. Semantic Security for the McEliece Cryptosystem without Random Oracles. Des. Codes Cryptography 49(1-3), 2008: 289--305.
[29] K. Pietrzak. Cryptography from Learning Parity with Noise. SOFSEM 2012: 99--114.
[30] C. Peters. Information-Set Decoding for Linear Codes over F_q. PQCrypto 2010: 81--94.
[31] N. Sendrier. On the Security of the McEliece Public-Key Cryptosystem. In: Information, Coding and Mathematics (Proceedings of the Workshop Honoring Prof. Bob McEliece on his 60th Birthday), Kluwer, 2002: 141--163.
[32] N. Sendrier. Encoding Information into Constant Weight Codewords. ISIT 2005: 435--438.
[33] M. Stadler. Publicly Verifiable Secret Sharing. EUROCRYPT 1996: 190--199.
[34] J. Stern. A New Paradigm for Public Key Identification. IEEE Trans. Inf. Theory 42(6), 1996: 1757--1768. Conference version: J. Stern. A New Identification Scheme Based on Syndrome Decoding. CRYPTO 1993: 13--21.
[35] P. Véron. Improved Identification Schemes Based on Error-Correcting Codes. Appl. Algebra Eng. Commun. Comput. 8(1), 1996: 57--69.
[36] K. Xagawa, A. Kawachi, K. Tanaka. Proof of Plaintext Knowledge for the Regev Cryptosystems. Tech. Rep. C-236, Tokyo Institute of Technology, 2007.
[37] K. Xagawa, K. Tanaka. Zero-Knowledge Protocols for NTRU: Application to Identification and Proof of Plaintext Knowledge. ProvSec 2009: 198--213.


Published In

ASIA CCS '13: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, May 2013, 574 pages. ISBN 9781450317672, DOI 10.1145/2484313.

Publisher: Association for Computing Machinery, New York, NY, United States.

Author Tags

  1. mceliece cryptosystem
  2. niederreiter cryptosystem
  3. proof of plaintext knowledge
  4. verifiable encryption
  5. zero-knowledge proof

Qualifiers

  • Short-paper

Acceptance Rates

ASIA CCS '13 Paper Acceptance Rate: 35 of 216 submissions, 16%. Overall Acceptance Rate: 418 of 2,322 submissions, 18%.

Cited By

  • (2020) Provably Secure Group Signature Schemes From Code-Based Assumptions. IEEE Transactions on Information Theory 66(9): 5754--5773, September 2020. DOI 10.1109/TIT.2020.2976073
  • (2019) Code-Based Zero Knowledge PRF Arguments. Information Security, pp. 171--189, 2 September 2019. DOI 10.1007/978-3-030-30215-3_9
  • (2015) A Provably Secure Group Signature Scheme from Code-Based Assumptions. Advances in Cryptology -- ASIACRYPT 2015, Part I, LNCS 9452, pp. 260--285, 29 November 2015. DOI 10.1007/978-3-662-48797-6_12
  • (2014) Code-Based Public-Key Encryption. In: A Mathematical Approach to Research Problems of Science and Technology, pp. 47--55, 15 July 2014. DOI 10.1007/978-4-431-55060-0_4
