Proceedings Paper

Hedged Nonce-Based Public-Key Encryption: Adaptive Security Under Randomness Failures

Journal

PUBLIC-KEY CRYPTOGRAPHY - PKC 2018, PT I
Volume 10769, Issue -, Pages 253-279

Publisher

SPRINGER INTERNATIONAL PUBLISHING AG
DOI: 10.1007/978-3-319-76578-5_9

Keywords

Hedged security; Nonce-based public-key encryption; Deterministic public-key encryption; Randomness failures

Funding

  1. National Natural Science Foundation of China [61472091, 61702125]
  2. Scientific Research Foundation for Post-doctoral Researchers of Guangzhou [gdbsh2016020]
  3. Guangdong Natural Science Funds for Distinguished Young Scholar [2015A030306045]
  4. Pearl River S&T Nova Program of Guangzhou
  5. Program for Innovative Research Team in Education Department of Guangdong Province [2015KCXTD014, 2016KCXTD017]
  6. National Natural Science Foundation for Outstanding Youth Foundation [61722203]
  7. State Key Laboratory of Cryptology, Beijing, China

Nowadays it is well known that randomness may fail due to bugs or deliberate randomness subversion. As a result, the security of traditional public-key encryption (PKE) cannot be guaranteed any more. Currently there are mainly three approaches dealing with the problem of randomness failures: deterministic PKE, hedged PKE, and nonce-based PKE. However, these three approaches only apply to different application scenarios respectively. Since the situations in practice are dynamic and very complex, it's almost impossible to predict the situation in which a scheme is deployed, and determine which approach should be used beforehand. In this paper, we initiate the study of hedged security for nonce-based PKE, which adaptively applies to the situations whenever randomness fails, and achieves the best-possible security. Specifically, we lift the hedged security to the setting of nonce-based PKE, and formalize the notion of chosen-ciphertext security against chosen-distribution attacks (IND-CDA2) for nonce-based PKE. By presenting two counterexamples, we show a separation between our IND-CDA2 security for nonce-based PKE and the original NBP1/NBP2 security defined by Bellare and Tackmann (EUROCRYPT 2016). We show two nonce-based PKE constructions meeting IND-CDA2, NBP1 and NBP2 security simultaneously. The first one is a concrete construction in the random oracle model, and the second one is a generic construction based on a nonce-based PKE scheme and a deterministic PKE scheme.
