Sciweavers

TCC
2005
Springer

Adaptively-Secure, Non-interactive Public-Key Encryption

14 years 4 months ago
Adaptively-Secure, Non-interactive Public-Key Encryption
Adaptively-secure encryption schemes ensure secrecy even in the presence of an adversary who can corrupt parties in an adaptive manner based on public keys, ciphertexts, and secret data of alreadycorrupted parties. Ideally, an adaptively-secure encryption scheme should, like standard public-key encryption, allow arbitrarily-many parties to use a single encryption key to securely encrypt arbitrarily-many messages to a given receiver who maintains only a single short decryption key. However, it is known that these requirements are impossible to achieve: no non-interactive encryption scheme that supports encryption of an unbounded number of messages and uses a single, unchanging decryption key can be adaptively secure. Impossibility holds even if secure data erasure is possible. We show that this limitation can be overcome by updating the decryption key over time and making some mild assumptions about the frequency of communication between parties. Using this approach, we construct adapti...
Ran Canetti, Shai Halevi, Jonathan Katz
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where TCC
Authors Ran Canetti, Shai Halevi, Jonathan Katz
Comments (0)