Access Restriction

Author Géraud, Rémi ♦ Naccache, David ♦ Roşie, Răzvan
Source Hyper Articles en Ligne (HAL)
Content type Text
File Format PDF
Language English
Subject Keyword robustness ♦ functional encryption ♦ signatures ♦ anonymity ♦ info ♦ Computer Science [cs]/Cryptography and Security [cs.CR]
Abstract Robustness is a notion often tacitly assumed while working with encrypted data. Roughly speaking, it states that a ciphertext cannot be decrypted under different keys. Initially formalized in a public-key context, it has been further extended to key-encapsulation mechanisms, and more recently to pseudorandom functions, message authentication codes and authenticated encryption. In this work, we motivate the importance of establishing similar guarantees for functional encryption schemes, even under adversarially generated keys. Our main security notion is intended to capture the scenario where a ciphertext obtained under a master key (corresponding to Authority 1) is decrypted by functional keys issued under a different master key (Authority 2). Furthermore, we show there exist simple functional encryption schemes where robustness under adversarial key-generation is not achieved. As a secondary and independent result, we formalize robustness for digital signatures-a signature should not verify under multiple keys-and point out that certain signature schemes are not robust when the keys are adversarially generated. We present simple, generic transforms that turn a scheme into a robust one, while maintaining the original scheme's security. For the case of public-key functional encryption, we look into ciphertext anonymity and provide a transform achieving it.
Educational Use Research
Learning Resource Type Article
Publisher Date 2019-02-27