Sciweavers

ASIACRYPT
2015
Springer

Selective Opening Security for Receivers

8 years 8 months ago
Selective Opening Security for Receivers
In a selective opening (SO) attack an adversary breaks into a subset of honestly created ciphertexts and tries to learn information on the plaintexts of some untouched (but potentially related) ciphertexts. Contrary to intuition, standard security notions do not always imply security against this type of adversary, making SO security an important standalone goal. In this paper we study receiver security, where the attacker is allowed to obtain the decryption keys corresponding to some of the ciphertexts. First we study the relation between two existing security definitions, one based on simulation and the other based on indistinguishability, and show that the former is strictly stronger. We continue with feasibility results for both notions which we show can be achieved from (variants of) non-committing encryption schemes. In particular, we show that indistinguishability-based SO security can be achieved from a tweaked variant of non-committing encryption which, in turn, can be insta...
Carmit Hazay, Arpita Patra, Bogdan Warinschi
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Where ASIACRYPT
Authors Carmit Hazay, Arpita Patra, Bogdan Warinschi
Comments (0)