Your search keyword '"Deterministic encryption"' showing total 8 results

1. Deterministic Public-Key Encryption for Adaptively-Chosen Plaintext Distributions.

Author

Raghunathan, Ananth, Segev, Gil, and Vadhan, Salil

Subjects

PUBLIC key cryptography, DATA encryption, MATHEMATICAL bounds, POLYNOMIALS, DATA security

Abstract

Bellare, Boldyreva, and O’Neill (CRYPTO ’07) initiated the study of deterministic public-key encryption as an alternative in scenarios where randomized encryption has inherent drawbacks. The resulting line of research has so far guaranteed security only for adversarially chosen-plaintext distributions that are independent of the public key used by the scheme. In most scenarios, however, it is typically not realistic to assume that adversaries do not take the public key into account when attacking a scheme. We show that it is possible to guarantee meaningful security even for plaintext distributions that depend on the public key. We extend the previously proposed notions of security, allowing adversaries to adaptively choose plaintext distributions after seeing the public key, in an interactive manner. The only restrictions we make are that: (1) plaintext distributions are unpredictable (as is essential in deterministic public-key encryption), and (2) the number of plaintext distributions from which each adversary is allowed to adaptively choose is upper bounded by 2p, where p can be any predetermined polynomial in the security parameter and plaintext length. For example, with p=0 we capture plaintext distributions that are independent of the public key, and with p=O(slogs) we capture, in particular, all plaintext distributions that are samplable by circuits of size s. Within our framework we present both constructions in the random oracle model based on any public-key encryption scheme, and constructions in the standard model based on lossy trapdoor functions (thus, based on a variety of number-theoretic assumptions). Previously known constructions heavily relied on the independence between the plaintext distributions and the public key for the purposes of randomness extraction. In our setting, however, randomness extraction becomes significantly more challenging once the plaintext distributions and the public key are no longer independent. Our approach is inspired by research on randomness extraction from seed-dependent distributions. Underlying our approach is a new generalization of a method for such randomness extraction, originally introduced by Trevisan and Vadhan (FOCS ’00) and Dodis (Ph.D. Thesis, MIT, ’00). [ABSTRACT FROM AUTHOR]

Published

2018

2. Incremental Deterministic Public-Key Encryption.

Author

Mironov, Ilya, Pandey, Omkant, Reingold, Omer, and Segev, Gil

Subjects

PUBLIC key cryptography, COMPUTER network security, ENTROPY (Information theory), ALGORITHMS, DATA security

Abstract

Motivated by applications in large storage systems, we initiate the study of incremental deterministic public-key encryption. Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O'Neill (CRYPTO '07), provides an alternative to randomized public-key encryption in various scenarios where the latter exhibits inherent drawbacks. A deterministic encryption algorithm, however, cannot satisfy any meaningful notion of security for low-entropy plaintexts distributions, but Bellare et al. demonstrated that a strong notion of security can in fact be realized for relatively high-entropy plaintext distributions. In order to achieve a meaningful level of security, a deterministic encryption algorithm should be typically used for encrypting rather long plaintexts for ensuring a sufficient amount of entropy. This requirement may be at odds with efficiency constraints, such as communication complexity and computation complexity in the presence of small updates. Thus, a highly desirable property of deterministic encryption algorithms is incrementality: Small changes in the plaintext translate into small changes in the corresponding ciphertext. We present a framework for modeling the incrementality of deterministic public-key encryption. Our framework extends the study of the incrementality of cryptography primitives initiated by Bellare, Goldreich and Goldwasser (CRYPTO '94). Within our framework, we propose two schemes, which we prove to enjoy an optimal tradeoff between their security and incrementality up to lower-order factors. Our first scheme is a generic method which can be based on any deterministic public-key encryption scheme, and, in particular, can be instantiated with any semantically secure (randomized) public-key encryption scheme in the random-oracle model. Our second scheme is based on the Decisional Diffie-Hellman assumption in the standard model. The approach underpinning our schemes is inspired by the fundamental 'sample-then-extract' technique due to Nisan and Zuckerman (JCSS '96) and refined by Vadhan (J. Cryptology '04), and by the closely related notion of 'locally computable extractors' due to Vadhan. Most notably, whereas Vadhan used such extractors to construct private-key encryption schemes in the bounded-storage model, we show that techniques along these lines can also be used to construct incremental public-key encryption schemes. [ABSTRACT FROM AUTHOR]

Published

2018

3. Reproducible Circularly Secure Bit Encryption: Applications and Realizations.

Author

Hajiabadi, Mohammad and Kapron, Bruce

Subjects

ENCRYPTION protocols, CRYPTOGRAPHY, TRAPDOORS, SECURITY management, DATA encryption

Abstract

We give generic constructions of several fundamental cryptographic primitives based on a new encryption primitive that combines circular security for bit encryption with the so-called reproducibility property (Bellare et al. in Public key cryptography-PKC 2003, vol. 2567, pp. 85-99, Springer, 2003). At the heart of our constructions is a novel technique which gives a way of de-randomizing reproducible public-key bit encryption schemes and also a way of reducing one-wayness conditions of a constructed trapdoor function family (TDF) to circular security of the base scheme. The main primitives that we build from our encryption primitive include k-wise one-way TDFs (Rosen and Segev in SIAM J Comput 39(7):3058-3088, 2010), chosen-ciphertext-attack-secure encryption and deterministic encryption. Our results demonstrate a new set of applications of circularly secure encryption beyond fully homomorphic encryption and symbolic soundness. Finally, we show the plausibility of our assumptions by showing that the decisional Diffie-Hellman-based circularly secure scheme of Boneh et al. (Advances in cryptology-CRYPTO 2008, vol. 5157, Springer, 2008) and the subgroup indistinguishability-based scheme of Brakerski and Goldwasser (Advances in cryptology-CRYPTO 2010, vol. 6223, pp. 1-20, Springer, 2010) are both reproducible. [ABSTRACT FROM AUTHOR]

Published

2017

4. Big Data Analysis And Deterministic Encryption Challenges.

Author

Shafi, Aasim and Shah, Sahila Fareed

Subjects

BIG data, DATA encryption, INTERACTIVE multimedia, SYSTEM integration, INFORMATION services, MANAGEMENT

Abstract

with the rapid change in the technology and innovation in the last decade, big data analysis has gone for an exponential and tremendous growth and will most probably continue to perform spectacular developments due to the emergence of innovative trends and new interactive multimedia applications and the use of highly integrated systems driven by the rapid growth in information services and microelectronic devices. Up to yet, large no. of the existing mobile systems is mainly targeted to voice communications with low transmission rates. Big-Data has always been a part of our lives knowingly or unknowingly [7]. This is a particular review on known big-data systems that contain a set of tools and technique to load, extract and process and improve dissimilar datasets while leveraging the immensely and most parallel processing power to perform the idiosyncratic transformations and analysis. Big-Data" technology faces a list of technical challenges. [ABSTRACT FROM AUTHOR]

Published

2017

5. A Unified Approach to Deterministic Encryption: New Constructions and a Connection to Computational Entropy.

Author

Fuller, Benjamin, O'Neill, Adam, and Reyzin, Leonid

Subjects

DATA encryption, ENTROPY (Information theory), SCHEME programming language, PUBLIC key cryptography, MATHEMATICAL proofs

Abstract

This paper addresses deterministic public-key encryption schemes (DE), which are designed to provide meaningful security when only source of randomness in the encryption process comes from the message itself. We propose a general construction of DE that unifies prior work and gives novel schemes. Specifically, its instantiations include: The security proofs for these schemes are enabled by three tools that are of broader interest: We also extend our result about computational entropy to the average case, which is useful in reasoning about leakage-resilient cryptography: leaking λ bits of information reduces the quality of computational entropy by a factor of 2 and its quantity by λ. [ABSTRACT FROM AUTHOR]

Published

2015

6. More on Key Wrapping.

Author

Gennaro, Rosario and Halevi, Shai

Abstract

We address the practice of key-wrapping, where one symmetric cryptographic key is used to encrypt another. This practice is used extensively in key-management architectures, often to create an ˵adapter layer″ between incompatible legacy systems. Although in principle any secure encryption scheme can be used for key wrapping, practical constraints (which are commonplace when dealing with legacy systems) may severely limit the possible implementations, sometimes to the point of ruling out any ˵secure general-purpose encryption.″ It is therefore desirable to identify the security requirements that are ˵really needed″ for the key-wrapping application, and have a large variety of implementations that satisfy these requirements. This approach was developed in a work by Rogaway and Shrimpton at EUROCRYPT 2006. They focused on allowing deterministic encryption, and defined a notion of deterministic authenticated encryption (DAE), which roughly formalizes ˵the strongest security that one can get without randomness.″ Although DAE is weaker than full blown authenticated encryption, it seems to suffice for the case of key wrapping (since keys are random and therefore the encryption itself can be deterministic). Rogaway and Shrimpton also described a mode of operation for block ciphers (called SIV) that realizes this notion. We continue in the direction initiated by Rogaway and Shirmpton. We first observe that the notion of DAE still rules out many practical and ˵seemingly secure″ implementations. We thus look for even weaker notions of security that may still suffice. Specifically we consider notions that mirror the usual security requirements for symmetric encryption, except that the inputs to be encrypted are random rather than adversarially chosen. These notions are all strictly weaker than DAE, yet we argue that they suffice for most applications of key wrapping. As for implementations, we consider the key-wrapping notion that mirrors authenticated encryption, and investigate a template of Hash-then-Encrypt (HtE), which seems practically appealing: In this method the key is first ˵hashed″ into a short nonce, and then the nonce and key are encrypted using some standard encryption mode. We consider a wide array of ˵hash functions″, ranging from a simple XOR to collision-resistant hashing, and examine what ˵hash function″ can be used with what encryption mode. [ABSTRACT FROM AUTHOR]

Published

2009

7. Efficient Constructions of Deterministic Encryption from Hybrid Encryption and Code-Based PKE.

Author

Cui, Yang, Morozov, Kirill, Kobara, Kazukuni, and Imai, Hideki

Abstract

We build on the new security notion for deterministic encryption (PRIV) and the PRIV-secure schemes presented by Bellare et al at Crypto΄07. Our work introduces: 1) A generic and efficient construction of deterministic length-preserving hybrid encryption, which is an improvement on the scheme sketched in the above paper; to our best knowledge, this is the first example of length-preserving hybrid encryption; 2) postquantum deterministic encryption (using the IND-CPA variant of code-based McEliece PKE) which enjoys a simplified construction, where the public key is re-used as a hash function. [ABSTRACT FROM AUTHOR]

Published

2009

8. Better Security for Deterministic Public-Key Encryption: The Auxiliary-Input Setting.

Author

Brakerski, Zvika and Segev, Gil

Subjects

DATA encryption, PUBLIC key cryptography, COMPUTER network security, ENTROPY (Information theory), DETERMINISTIC algorithms, SEMANTICS

Abstract

Deterministic public-key encryption, introduced by Bellare, Boldyreva, and O'Neill (CRYPTO '07), provides an alternative to randomized public-key encryption in various scenarios where the latter exhibits inherent drawbacks. A deterministic encryption algorithm, however, cannot satisfy any meaningful notion of security when the plaintext is distributed over a small set. Bellare et al. addressed this difficulty by requiring semantic security to hold only when the plaintext has high min-entropy from the adversary's point of view. In many applications, however, an adversary may obtain auxiliary information that is related to the plaintext. Specifically, when deterministic encryption is used as a building block of a larger system, it is rather likely that plaintexts do not have high min-entropy from the adversary's point of view. In such cases, the framework of Bellare et al. might fall short from providing robust security guarantees. We formalize a framework for studying the security of deterministic public-key encryption schemes with respect to auxiliary inputs. Given the trivial requirement that the plaintext should not be efficiently recoverable from the auxiliary input, we focus on hard-to-invert auxiliary inputs. Within this framework, we propose two schemes: the first is based on the d-linear assumption for any d≥1 (including, in particular, the decisional Diffie-Hellman assumption), and the second is based on a rather general class of subgroup indistinguishability assumptions (including, in particular, the quadratic residuosity assumption and Paillier's composite residuosity assumption). Our schemes are secure with respect to any auxiliary input that is subexponentially hard to invert (assuming the standard hardness of the underlying computational assumptions). In addition, our first scheme is secure even in the multi-user setting where related plaintexts may be encrypted under multiple public keys. Constructing a scheme that is secure in the multi-user setting (even without considering auxiliary inputs) was identified by Bellare et al. as an important open problem. [ABSTRACT FROM AUTHOR]

Published

2014