Paper 2023/976

Updatable Public Key Encryption with Strong CCA Security: Security Analysis and Efficient Generic Construction

Kyoichi Asano, The University of Electro-Communications
Yohei Watanabe, The University of Electro-Communications, National Institute of Advanced Industrial Science and Technology
Abstract

With applications in secure messaging, Updatable Public Key Encryption (UPKE) was proposed by Jost et al. (EUROCRYPT '19) and Alwen et al. (CRYPTO '20). It is a natural relaxation of forward-secure public-key encryption. In UPKE, we can update secret keys by using update ciphertexts which any sender can generate. The UPKE schemes proposed so far that satisfy the strong CCA security are Haidar et al.'s concrete construction (CCS '22) and Dodis et al's generic construction that use Non-Interactive Zero-Knowledge (NIZK) arguments. Yet, even despite the aid of random oracles, their concrete efficiency is quite far from the most efficient CPA-secure scheme. In this paper, we first demonstrate a simple and efficient attack against Dodis et al.'s strongly CCA-secure scheme, and show how to fix it. Then, based on the observation from the attack and fix, we propose a new strongly CCA-secure generic construction for a UPKE scheme with random oracles and show that its instantiation is almost as concretely efficient as the most efficient CPA-secure one.

Note: Added another approach to fix the existing scheme, mentioned public verifiability of CU-secure UPKE, and corrected typos.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Updatable Public Key EncryptionFujisaki-Okamoto transformCCA securityGeneric construction
Contact author(s)
k asano @ uec ac jp
watanabe @ uec ac jp
History
2024-03-21: revised
2023-06-22: received
See all versions
Short URL
https://ia.cr/2023/976
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/976,
      author = {Kyoichi Asano and Yohei Watanabe},
      title = {Updatable Public Key Encryption with Strong CCA Security: Security Analysis and Efficient Generic Construction},
      howpublished = {Cryptology ePrint Archive, Paper 2023/976},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/976}},
      url = {https://eprint.iacr.org/2023/976}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.