Disavowable Public Key Encryption with Non-Interactive Opening
Summary :
The primitive called public key encryption with non-interactive opening (PKENO) is a class of public key encryption (PKE) with additional functionality. By using this, a receiver of a ciphertext can prove that the ciphertext is an encryption of a specified message in a publicly verifiable manner. In some situation that a receiver needs to claim that a ciphertext is NOT decrypted to a specified message, if he/she proves the fact by using PKENO straightforwardly, the real message of the ciphertext is revealed and a verifier checks that it is different from the specified message about which the receiver wants to prove. However, this naive solution is problematic in terms of privacy. Inspired by this problem, we propose the notion of disavowable public key encryption with non-interactive opening (disavowable PKENO) where, with respect to a ciphertext and a message, the receiver of the ciphertext can issue a proof that the plaintext of the ciphertext is NOT the message. Also, we give a concrete construction. Specifically, a disavowal proof in our scheme consists of 61 group elements. The proposed disavowable PKENO scheme is provably secure in the standard model under the decisional linear assumption and strong unforgeability of the underlying one-time signature scheme.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E98-A No.12 pp.2446-2455
- Publication Date
- 2015/12/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1587/transfun.E98.A.2446
- Type of Manuscript
- Special Section PAPER (Special Section on Information Theory and Its Applications)
- Category
- Cryptography and Information Security
Authors
Ai ISHIDA
Tokyo Instutitute of Technology,the National Institute of Advanced Industrial Science and Technology
Keita EMURA
the National Institute of Information and Communications Technology
Goichiro HANAOKA
the National Institute of Advanced Industrial Science and Technology
Yusuke SAKAI
the National Institute of Advanced Industrial Science and Technology
Keisuke TANAKA
Tokyo Instutitute of Technology,CREST, JST
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Ai ISHIDA, Keita EMURA, Goichiro HANAOKA, Yusuke SAKAI, Keisuke TANAKA, "Disavowable Public Key Encryption with Non-Interactive Opening" in IEICE TRANSACTIONS on Fundamentals,
vol. E98-A, no. 12, pp. 2446-2455, December 2015, doi: 10.1587/transfun.E98.A.2446.
Abstract: The primitive called public key encryption with non-interactive opening (PKENO) is a class of public key encryption (PKE) with additional functionality. By using this, a receiver of a ciphertext can prove that the ciphertext is an encryption of a specified message in a publicly verifiable manner. In some situation that a receiver needs to claim that a ciphertext is NOT decrypted to a specified message, if he/she proves the fact by using PKENO straightforwardly, the real message of the ciphertext is revealed and a verifier checks that it is different from the specified message about which the receiver wants to prove. However, this naive solution is problematic in terms of privacy. Inspired by this problem, we propose the notion of disavowable public key encryption with non-interactive opening (disavowable PKENO) where, with respect to a ciphertext and a message, the receiver of the ciphertext can issue a proof that the plaintext of the ciphertext is NOT the message. Also, we give a concrete construction. Specifically, a disavowal proof in our scheme consists of 61 group elements. The proposed disavowable PKENO scheme is provably secure in the standard model under the decisional linear assumption and strong unforgeability of the underlying one-time signature scheme.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E98.A.2446/_p
Copy
@ARTICLE{e98-a_12_2446,
author={Ai ISHIDA, Keita EMURA, Goichiro HANAOKA, Yusuke SAKAI, Keisuke TANAKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Disavowable Public Key Encryption with Non-Interactive Opening},
year={2015},
volume={E98-A},
number={12},
pages={2446-2455},
abstract={The primitive called public key encryption with non-interactive opening (PKENO) is a class of public key encryption (PKE) with additional functionality. By using this, a receiver of a ciphertext can prove that the ciphertext is an encryption of a specified message in a publicly verifiable manner. In some situation that a receiver needs to claim that a ciphertext is NOT decrypted to a specified message, if he/she proves the fact by using PKENO straightforwardly, the real message of the ciphertext is revealed and a verifier checks that it is different from the specified message about which the receiver wants to prove. However, this naive solution is problematic in terms of privacy. Inspired by this problem, we propose the notion of disavowable public key encryption with non-interactive opening (disavowable PKENO) where, with respect to a ciphertext and a message, the receiver of the ciphertext can issue a proof that the plaintext of the ciphertext is NOT the message. Also, we give a concrete construction. Specifically, a disavowal proof in our scheme consists of 61 group elements. The proposed disavowable PKENO scheme is provably secure in the standard model under the decisional linear assumption and strong unforgeability of the underlying one-time signature scheme.},
keywords={},
doi={10.1587/transfun.E98.A.2446},
ISSN={1745-1337},
month={December},}
Copy
TY - JOUR
TI - Disavowable Public Key Encryption with Non-Interactive Opening
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2446
EP - 2455
AU - Ai ISHIDA
AU - Keita EMURA
AU - Goichiro HANAOKA
AU - Yusuke SAKAI
AU - Keisuke TANAKA
PY - 2015
DO - 10.1587/transfun.E98.A.2446
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E98-A
IS - 12
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - December 2015
AB - The primitive called public key encryption with non-interactive opening (PKENO) is a class of public key encryption (PKE) with additional functionality. By using this, a receiver of a ciphertext can prove that the ciphertext is an encryption of a specified message in a publicly verifiable manner. In some situation that a receiver needs to claim that a ciphertext is NOT decrypted to a specified message, if he/she proves the fact by using PKENO straightforwardly, the real message of the ciphertext is revealed and a verifier checks that it is different from the specified message about which the receiver wants to prove. However, this naive solution is problematic in terms of privacy. Inspired by this problem, we propose the notion of disavowable public key encryption with non-interactive opening (disavowable PKENO) where, with respect to a ciphertext and a message, the receiver of the ciphertext can issue a proof that the plaintext of the ciphertext is NOT the message. Also, we give a concrete construction. Specifically, a disavowal proof in our scheme consists of 61 group elements. The proposed disavowable PKENO scheme is provably secure in the standard model under the decisional linear assumption and strong unforgeability of the underlying one-time signature scheme.
ER -
English
