Abstract
In CRYPTO 2010, Wee proposed the notion of ‘‘extractable hash proof systems” (XHPS), and its richer version, ‘‘all-but-one XHPS” (ABO-XHPS), and showed that chosen ciphertext secure (CCA secure) key encapsulation mechanisms (KEM) can be constructed from them. This elegantly explains several recently proposed practical KEMs constructed based on the ‘‘all-but-one” simulation paradigm in a unified framework. Somewhat frustratingly, however, there still exist popular KEMs whose construction and security proofs are not captured by this framework. In this paper, we revisit the framework of the ABO-XHPS-based KEM. Firstly, we show that to prove CCA security of the ABO-XHPS-based KEM, some requirements can be relaxed. This relaxation widens the applicability of the original framework, and explains why many known practical KEMs can be proved CCA secure. Moreover, we introduce new properties for ABO-XHPS, and show how one of the properties leads to KEMs that achieve ‘‘constrained” CCA security, which is a useful security notion of KEMs for obtaining CCA secure public key encryption via hybrid encryption. Thirdly, we investigate the relationships among computational properties that we introduce in this paper, and derive a useful theorem that enables us to understand the structure of KEMs of a certain type in a modular manner. Finally, we show that the ABO-XHPS-based KEM can be extended to efficient multi-recipient KEMs. Our results significantly extend the framework for constructing a KEM from ABO-XHPS, enables us to capture and explain more existing practical CCA secure schemes (most notably those based on the decisional Diffie-Hellman assumption) in the framework, and leads to a number of new instantiations of (single- and multi-recipient) KEMs.
Chapter PDF
Similar content being viewed by others
Keywords
References
Bellare, M., Boldyreva, A., Kurosawa, K., Staddon, J.: Multirecipient encryption schemes: How to save on bandwidth and computation without sacrificing security. IEEE Trans. Inf. Theory 53(11), 3927–3943 (2007)
Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)
Boneh, D., Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity-based encryption. SIAM J. Comput. 36(5), 1301–1328 (2007)
Boyen, X., Mei, Q., Waters, B.: Direct chosen ciphertext security from identity-based techniques. In: ACMCCS 2005, pp. 320–329 (2005)
Boyen, X., Mei, Q., Waters, B.: Direct chosen ciphertext security from identity-based techniques. Updated version of [4]. Cryptology ePrint Archive: Report 2005/288 (2005), http://eprint.iacr.org/2005/288/
Cash, D., Kiltz, E., Shoup, V.: The Twin Diffie-Hellman Problem and Applications. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 127–145. Springer, Heidelberg (2008)
Cramer, R., Shoup, V.: Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)
Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2003)
Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. In: STOC 1991, pp. 542–552 (1991)
Elkind, E., Sahai, A.: A unified methodology for constructing public-key encryption schemes secure against adaptive chosen-ciphertext attack. Cryptology ePrint Archive: Report 2002/042 (2002), http://eprint.iacr.org/2002/042/
Gennaro, R., Krawczyk, H., Rabin, T.: Secure Hashed Diffie-Hellman over Non-DDH Groups. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 361–381. Springer, Heidelberg (2004)
Hanaoka, G., Kurosawa, K.: Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 308–325. Springer, Heidelberg (2008)
Hanaoka, G., Kurosawa, K.: Efficient chosen ciphertext secure public key encryption under the computational Diffie-Hellman assumption. Full version of [12]. Cryptology ePrint Archive: Report 2008/211 (2008), http://eprint.iacr.org/2008/211/
Hanaoka, G., Kurosawa, K.: Between hashed DH and computational DH: Compact encryption from weaker assumption. IEICE Transactions E93-A(11), 1994–2006 (2010)
Haralambiev, K., Jager, T., Kiltz, E., Shoup, V.: Simple and Efficient Public-Key Encryption from Computational Diffie-Hellman in the Standard Model. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 1–18. Springer, Heidelberg (2010)
Hiwatari, H., Tanaka, K., Asano, T., Sakumoto, K.: Multi-recipient Public-Key Encryption from Simulators in Security Proofs. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 293–308. Springer, Heidelberg (2009)
Hofheinz, D., Kiltz, E.: Secure Hybrid Encryption from Weakened Key Encapsulation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (2007)
Hofheinz, D., Kiltz, E.: Practical Chosen Ciphertext Secure Encryption from Factoring. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 313–332. Springer, Heidelberg (2009)
Kiltz, E.: Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 282–297. Springer, Heidelberg (2007)
Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)
Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: STOC 1989, pp. 33–43 (1989)
Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: STOC 1990, pp. 427–437 (1990)
Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: STOC 2008, pp. 187–196 (2008)
Rackoff, C., Simon, D.R.: Non-interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)
Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In: FOCS 1999, pp. 543–553 (1999)
Smart, N.P.: Efficient Key Encapsulation to Multiple Parties. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 208–219. Springer, Heidelberg (2005)
Wee, H.: Efficient Chosen-Ciphertext Security via Extractable Hash Proofs. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 314–332. Springer, Heidelberg (2010)
Wee, H.: Threshold and Revocation Cryptosystems via Extractable Hash Proofs. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 589–609. Springer, Heidelberg (2011)
Yamada, S., Kawai, Y., Hanaoka, G., Kunihiro, N.: Public key encryption schemes from the (B)CDH assumption with better efficiency. IEICE Transactions 93-A(11), 1984–1993 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 International Association for Cryptologic Research
About this paper
Cite this paper
Matsuda, T., Hanaoka, G. (2013). Key Encapsulation Mechanisms from Extractable Hash Proof Systems, Revisited. In: Kurosawa, K., Hanaoka, G. (eds) Public-Key Cryptography – PKC 2013. PKC 2013. Lecture Notes in Computer Science, vol 7778. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36362-7_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-36362-7_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36361-0
Online ISBN: 978-3-642-36362-7
eBook Packages: Computer ScienceComputer Science (R0)