2,888 Hits in 6.1 sec

Deterministic Public-Key Encryption for Adaptively-Chosen Plaintext Distributions

Ananth Raghunathan, Gil Segev, Salil Vadhan
2018 Journal of Cryptology  
Formalizing Adaptive Security for Deterministic Public-Key Encryption In this section we present a framework for modeling the security of deterministic public-key encryption schemes in an adaptive setting  ...  We formalize and realize a new notion of security for deterministic public-key encryption, allowing adversaries to adaptively choose plaintext distributions after seeing the public key of the scheme, in  ...  deterministic public-key encryption scheme can be proven secure for all (T, k)sources using a black-box reduction to a "falsifiable" hardness assumption.  ... 
doi:10.1007/s00145-018-9287-y fatcat:4cdxjk5j25gc7nozby55mjyc54

Deterministic Public-Key Encryption for Adaptively Chosen Plaintext Distributions [chapter]

Ananth Raghunathan, Gil Segev, Salil Vadhan
2013 Lecture Notes in Computer Science  
The resulting line of research has so far guaranteed security only for adversarially-chosen plaintext distributions that are independent of the public key used by the scheme.  ...  The only restrictions we make are that: (1) plaintext distributions are unpredictable (as is essential in deterministic public-key encryption), and (2) the number of plaintext distributions from which  ...  Formalizing Adaptive Security for Deterministic Public-Key Encryption In this section we present a framework for modeling the security of deterministic public-key encryption schemes in an adaptive setting  ... 
doi:10.1007/978-3-642-38348-9_6 fatcat:66aq2aslozfcnd55dqwoqvo77q

An Overview of RSA and OAEP Padding

Yutong Zhong
2022 Highlights in Science, Engineering and Technology  
It is important for encryption to prevent unauthorized access to data and the encrypted data can't be cracked easily. The RSA algorithm was released by Rivest, Shamir and Adleman in 1978.  ...  In this article, we review the RSA algorithm and the padding schemes used with RSA encryption to avoid semantical insecurity such as optimal asymmetric encryption padding (OSAP).  ...  The purpose of a padding scheme is to avoid adversary to retrieve information of the primitive, for example, a chosen plaintext attack or an adaptive chosen ciphertext attack in RSA.  ... 
doi:10.54097/hset.v1i.431 fatcat:rzgkssstkrccfkqlcwh2c4u63y

Better Security for Deterministic Public-Key Encryption: The Auxiliary-Input Setting [chapter]

Zvika Brakerski, Gil Segev
2011 Lecture Notes in Computer Science  
We formalize a framework for studying the security of deterministic public-key encryption schemes with respect to auxiliary inputs.  ...  Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O'Neill (CRYPTO '07), provides an alternative to randomized public-key encryption in various scenarios where the latter exhibits  ...  Subject to this restriction, they adapted semantic security to the setting of deterministic encryption: For any high-entropy plaintext distribution, whatever can be computed efficiently from the ciphertext  ... 
doi:10.1007/978-3-642-22792-9_31 fatcat:2wqngpibvvajtnljikbjh3e5le

Efficient Constructions of Deterministic Encryption from Hybrid Encryption and Code-Based PKE [chapter]

Yang Cui, Kirill Morozov, Kazukuni Kobara, Hideki Imai
2009 Lecture Notes in Computer Science  
, where the public key is re-used as a hash function.  ...  We build on the new security notion for deterministic encryption (PRIV) and the PRIV-secure schemes presented by Bellare et al at Crypto'07.  ...  This is required because the public key itself carries some non-trivial information about the plaintext if the encryption is deterministic. 3 Thus, equipping either A f or A g with both the public key  ... 
doi:10.1007/978-3-642-02181-7_17 fatcat:g6xnaikqtrdxbfi5tnomcddvpm

An Efficiently Searchable Encrypted Data Structure for Range Queries [article]

Florian Kerschbaum, Anselme Tueno
2017 arXiv   pre-print
In this paper we present an efficiently searchable, encrypted data structure that is provably secure against these and even more powerful chosen plaintext attacks.  ...  At CCS 2015 Naveed et al. presented first attacks on efficiently searchable encryption, such as deterministic and order-preserving encryption.  ...  Let pk ← KDer(sk) be a deterministic algorithm that derives the public key from the private key in a public-key encryption scheme. For symmetric key encryption let KDer be the identity function.  ... 
arXiv:1709.09314v1 fatcat:ncia54rkybe5dcfptropsaq5oi

About the Security of Ciphers (Semantic Security and Pseudo-Random Permutations) [chapter]

Duong Hieu Phan, David Pointcheval
2004 Lecture Notes in Computer Science  
In this paper, we thus consider the security notions for length-preserving, deterministic and symmetric encryption schemes, also termed ciphers: semantic security under lunchtime and challenge-adaptive  ...  We furthermore provide some relations for this notion between different models of adversaries, and the more classical security notions for ciphers: pseudo-random permutations (PRP) and super pseudo-random  ...  Indeed, whereas in the public-key setting chosen-plaintext attack is the basic scenario for an adversary, since it can encrypt any plaintext of its choice granted the public key, in the symmetric setting  ... 
doi:10.1007/978-3-540-30564-4_13 fatcat:jg6pnam2ivdptla52avhwv7nxa

Efficient Constructions of Deterministic Encryption from Hybrid Encryption and Code-Based PKE

Yang Cui, Kirill Morozov, Kazukuni Kobara, Hideki Imai
2014 International Journal of Network Security  
public key is re-used as a hash function; 3) deterministic encryption with high message rate from witness-recovering encryption.  ...  the first example of length-preserving deterministic hybrid encryption (DHE); 2) post-quantum deterministic encryption, using the code-based encryption, which enjoys a simplified construction since its  ...  The first author would like to thank the support by Start-up Grant-in-Aid for Young Scientists, Japan Society for the Promotion of Science (JSPS), No. 21800094. Yang  ... 
dblp:journals/ijnsec/CuiMKI14 fatcat:avvxfk3w55bctn2qm7ejx63q3a

Message-Locked Encryption for Lock-Dependent Messages [chapter]

Martín Abadi, Dan Boneh, Ilya Mironov, Ananth Raghunathan, Gil Segev
2013 Lecture Notes in Computer Science  
We strengthen the notions of security proposed by Bellare et al. by considering plaintext distributions that may depend on the public parameters of the schemes.  ...  Such schemes do not rely on permanent secret keys, but rather encrypt messages using keys derived from the messages themselves.  ...  We thank the anonymous CRYPTO '13 reviewers for their helpful comments.  ... 
doi:10.1007/978-3-642-40041-4_21 fatcat:pfjow4homfeonjpk22nirffx5u

Plaintext-Checkable Encryption [chapter]

Sébastien Canard, Georg Fuchsbauer, Aline Gouget, Fabien Laguillaumie
2012 Lecture Notes in Computer Science  
We define a new cryptographic primitive called plaintext-checkable encryption (PCE), which extends public-key encryption by the following functionality: given a plaintext, a ciphertext and a public key  ...  We provide efficient generic random-oracle constructions for PCE based on any probabilistic or deterministic encryption scheme; we also give a practical construction in the standard model.  ...  A plaintext-checkable encryption scheme (PCE for short) is composed of the following algorithms (of which the first 3 constitute a public-key encryption scheme).  ... 
doi:10.1007/978-3-642-27954-6_21 fatcat:ur4pmqah2fb57hmg2cfzs2vly4

Securely combining public-key cryptosystems

Stuart Haber, Benny Pinkas
2001 Proceedings of the 8th ACM conference on Computer and Communications Security - CCS '01  
For example, an RSA key pair should be used only for public-key encryption or only for digital signatures, and not for both.  ...  In this paper we show that in many cases, the simultaneous use of related keys for two cryptosystems, e.g. for a public-key encryption system and for a public-key signature system, does not compromise  ...  One can adapt this general definition to obtain the common adversarial models of chosen-plaintext attack, chosen-ciphertext attack in the preprocessing mode (or non-adaptive CCA, as defined in [17] ),  ... 
doi:10.1145/501983.502013 dblp:conf/ccs/HaberP01 fatcat:2arxeim56zgg7jkvtjurswrafu

A Study on the Security of Privacy Homomorphism

Yu Yu, J. Leiwo, B. Premkumar
2006 Third International Conference on Information Technology: New Generations (ITNG'06)  
Informally, Privacy Homomorphism (PH) refers to encryption schemes with a homomorphic property allowing to obtain and E k (b) without the knowledge of the decryption key.  ...  In this paper, we discuss the security of PH in the black-box model and find that any PH is at most semantically secure under non-adaptive chosen-ciphertext attacks (i.e. IND-CCA1 secure).  ...  (indistinguishability of encryptions under non-adaptive chosen-ciphertext attacks): For public-key schemes: A public-key block cipher, (G,E,D), is said to be IND-CCA1 secure if for every pair of probabilistic  ... 
doi:10.1109/itng.2006.19 dblp:conf/itng/YuLP06 fatcat:5n3w3mbkrzfuzlnd4u5r2qqp4i

Providing privacy on the tuple space model

Edson Floriano, Eduardo Alchieri, Diego F. Aranha, Priscila Solis
2017 Journal of Internet Services and Applications  
The proposed solution uses robust cryptographic schemes, as order-preserving encryption and homomorphic encryption, to provide this functionality without revealing the tuple contents.  ...  Although there are some proposals for secure tuple spaces, accessing tuples through field contents makes these systems susceptible to attacks that could impair user and data privacy, since servers must  ...  Acknowledgements We would like to thank the universities involved for the support provided. We also thank the many contributions from the reviewers. Funding Not applicable.  ... 
doi:10.1186/s13174-017-0070-3 fatcat:mqtud4vlsvdb3bzmydj54ups6q

Security Notions for Quantum Public-Key Cryptography [article]

Takeshi Koshiba
2007 arXiv   pre-print
Thus, public-key cryptosystems in the quantum computational setting are longed for cryptology.  ...  It is well known that Shor's quantum algorithm for integer factorization can break down the RSA public-key cryptosystem, which is widely used in many cryptographic applications.  ...  Theorem 2.2 ([8]) A public-key cryptosystem (G, M, E, D) is non-malleable against the adaptive chosen ciphertext attack if and only if (G, M, E, D) has the indistinguishability against the chosen plaintext  ... 
arXiv:quant-ph/0702183v1 fatcat:sjwlmr43a5b2lmbvuv6q6heriy

REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform [chapter]

Tatsuaki Okamoto, David Pointcheval
2000 Lecture Notes in Computer Science  
; 3. it provides a key distribution with session key encryption, whose overall scheme achieves chosen-ciphertext security even with weakly secure symmetric scheme.  ...  Furthermore, advantages of REACT beyond OAEP are numerous: 1. it is more general since it applies to any partially trapdoor one-way function (a.k.a. weakly secure public-key encryption scheme) and therefore  ...  Acknowledgements We thank Markus Jakobsson and Moti Yung for helpful discussions. Thanks also to the anonymous reviewers for their comments.  ... 
doi:10.1007/3-540-45353-9_13 fatcat:vo467se7d5ecrfik5eglsi7zou
« Previous Showing results 1 — 15 out of 2,888 results