Advertisement

Lossy Algebraic Filters with Short Tags

  • Benoît LibertEmail author
  • Chen Qian
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11442)

Abstract

Lossy algebraic filters (LAFs) are function families where each function is parametrized by a tag, which determines if the function is injective or lossy. While initially introduced by Hofheinz (Eurocrypt 2013) as a technical tool to build encryption schemes with key-dependent message chosen-ciphertext (KDM-CCA) security, they also find applications in the design of robustly reusable fuzzy extractors. So far, the only known LAF family requires tags comprised of \(\varTheta (n^2)\) group elements for functions with input space \(\mathbb {Z}_p^n\), where p is the group order. In this paper, we describe a new LAF family where the tag size is only linear in n and prove it secure under simple assumptions in asymmetric bilinear groups. Our construction can be used as a drop-in replacement in all applications of the initial LAF system. In particular, it can shorten the ciphertexts of Hofheinz’s KDM-CCA-secure public-key encryption scheme by 19 group elements. It also allows substantial space improvements in a recent fuzzy extractor proposed by Wen and Liu (Asiacrypt 2018). As a second contribution, we show how to modify our scheme so as to prove it (almost) tightly secure, meaning that security reductions are not affected by a concrete security loss proportional to the number of adversarial queries.

Keywords

Lossy algebraic filters Efficiency Tight security Standard assumptions 

Notes

Acknowledgements

We thank the reviewers for their careful reading. This work was funded in part by the French ANR ALAMBIC project (ANR-16-CE39-0006).

References

  1. 1.
    Bellare, M., et al.: Hedged public-key encryption: how to protect against bad randomness. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 232–249. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-10366-7_14CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Hofheinz, D., Yilek, S.: Possibility and impossibility results for encryption and commitment secure under selective opening. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 1–35. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01001-9_1CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: ACM-CCS (1993)Google Scholar
  4. 4.
    Bellare, M., Rogaway, P.: The exact security of digital signatures-how to sign with RSA and Rabin. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68339-9_34CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Yilek, S.: Encryption schemes secure under selective opening attack. Cryptology ePrint Archive: Report 2009/101 (2009)Google Scholar
  6. 6.
    Black, J., Rogaway, P., Shrimpton, T.: Encryption-scheme security in the presence of key-dependent messages. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 62–75. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36492-7_6CrossRefzbMATHGoogle Scholar
  7. 7.
    Blazy, O., Kiltz, E., Pan, J.: (Hierarchical) identity-based encryption from affine message authentication. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 408–425. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_23CrossRefGoogle Scholar
  8. 8.
    Böhl, F., Hofheinz, D., Jager, T., Koch, J., Seo, J.H., Striecks, C.: Practical signatures from standard assumptions. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 461–485. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38348-9_28CrossRefGoogle Scholar
  9. 9.
    Boldyreva, A., Fehr, S., O’Neill, A.: On notions of security for deterministic encryption, and efficient constructions without random oracles. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 335–359. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85174-5_19CrossRefGoogle Scholar
  10. 10.
    Boneh, D., Halevi, S., Hamburg, M., Ostrovsky, R.: Circular-secure encryption from decision Diffie-Hellman. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 108–125. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85174-5_7CrossRefGoogle Scholar
  11. 11.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24676-3_14CrossRefGoogle Scholar
  12. 12.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-28628-8_3CrossRefGoogle Scholar
  13. 13.
    Boyen, X.: Reusable cryptographic fuzzy extractors. In ACM-CCS (2004)Google Scholar
  14. 14.
    Boyen, X., Waters, B.: Shrinking the keys of discrete-log-type lossy trapdoor functions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 35–52. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13708-2_3CrossRefGoogle Scholar
  15. 15.
    Brakerski, Z., Segev, G.: Better security for deterministic public-key encryption: the auxiliary-input setting. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 543–560. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22792-9_31CrossRefGoogle Scholar
  16. 16.
    Chen, J., Wee, H.: Fully, (almost) tightly secure IBE and dual system groups. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 435–460. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40084-1_25CrossRefGoogle Scholar
  17. 17.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24676-3_31CrossRefGoogle Scholar
  18. 18.
    Dwork, C., Naor, M., Reingold, O., Stockmeyer, L.: Magic functions. J. ACM 50(6), 852–921 (2003)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Freeman, D., Goldreich, O., Kiltz, E., Rosen, A., Segev, G.: More constructions of lossy and correlation-secure trapdoor functions. J. Cryptol. 26(1), 39–74 (2013)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Fujisaki, E.: All-but-many encryption. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 426–447. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45608-8_23CrossRefGoogle Scholar
  21. 21.
    Gay, R., Hofheinz, D., Kiltz, E., Wee, H.: Tightly CCA-secure encryption without pairings. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 1–27. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49890-3_1CrossRefGoogle Scholar
  22. 22.
    Gay, R., Hofheinz, D., Kohl, L.: Kurosawa-Desmedt meets tight security. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 133–160. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63697-9_5CrossRefGoogle Scholar
  23. 23.
    Hemenway, B., Ostrovsky, R.: Extended-DDH and lossy trapdoor functions. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 627–643. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-30057-8_37CrossRefGoogle Scholar
  24. 24.
    Hofheinz, D.: All-but-many lossy trapdoor functions. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 209–227. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29011-4_14CrossRefGoogle Scholar
  25. 25.
    Hofheinz, D.: Circular chosen-ciphertext security with compact ciphertexts. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 520–536. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38348-9_31. Cryptology ePrint Archive: Report 2012/150CrossRefGoogle Scholar
  26. 26.
    Hofheinz, D.: Algebraic partitioning: fully compact and (almost) tightly secure cryptography. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 251–281. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49096-9_11CrossRefzbMATHGoogle Scholar
  27. 27.
    Hofheinz, D.: Adaptive partitioning. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 489–518. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56617-7_17CrossRefGoogle Scholar
  28. 28.
    Hofheinz, D., Jager, T.: Tightly secure signatures and public-key encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 590–607. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_35CrossRefGoogle Scholar
  29. 29.
    Hofheinz, D., Nguyen, N.-K.: On tightly secure primitives in the multi-instance setting. Cryptology ePrint Archive: Report 2018/958 (2018)Google Scholar
  30. 30.
    Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 1–20. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-42033-7_1CrossRefGoogle Scholar
  31. 31.
    Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS (2000)Google Scholar
  32. 32.
    Kunz-Jacques, S., Pointcheval, D.: About the security of MTI/C0 and MQV. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 156–172. Springer, Heidelberg (2006).  https://doi.org/10.1007/11832072_11CrossRefzbMATHGoogle Scholar
  33. 33.
    Lewko, A., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy (2010)Google Scholar
  34. 34.
    Libert, B., Joye, M., Yung, M., Peters, T.: Concise multi-challenge CCA-secure encryption and signatures with almost tight security. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 1–21. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45608-8_1CrossRefGoogle Scholar
  35. 35.
    Libert, B., Peters, T., Joye, M., Yung, M.: Compactly hiding linear spans. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 681–707. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48797-6_28CrossRefGoogle Scholar
  36. 36.
    Libert, B., Sakzad, A., Stehlé, D., Steinfeld, R.: All-but-many lossy trapdoor functions and selective opening chosen-ciphertext security from LWE. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 332–364. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63697-9_12CrossRefGoogle Scholar
  37. 37.
    Libert, B., Vergnaud, D.: Multi-use unidirectional proxy re-signatures. In: ACM-CCS (2008)Google Scholar
  38. 38.
    Naor,M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: FOCS (1997)Google Scholar
  39. 39.
    Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: STOC (2008)Google Scholar
  40. 40.
    Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-46766-1_35CrossRefGoogle Scholar
  41. 41.
    Raghunathan, A., Segev, G., Vadhan, S.: Deterministic public-key encryption for adaptively chosen plaintext distributions. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 93–110. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38348-9_6CrossRefGoogle Scholar
  42. 42.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_7CrossRefGoogle Scholar
  43. 43.
    Wee, H.: Dual projective hashing and its applications—lossy trapdoor functions and more. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 246–262. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29011-4_16CrossRefGoogle Scholar
  44. 44.
    Wen, Y., Liu, S.: Robustly reusable fuzzy extractor from standard assumptions. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 459–489. Springer, Cham (2018).  https://doi.org/10.1007/978-3-030-03332-3_17CrossRefGoogle Scholar
  45. 45.
    Zhandry, M.: The magic of ELFs. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 479–508. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53018-4_18CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  1. 1.CNRS, Laboratoire LIPLyonFrance
  2. 2.ENS de Lyon, Laboratoire LIP (U. Lyon, CNRS, ENSL, Inria, UCBL)LyonFrance
  3. 3.Univ Rennes, CNRS, IRISARennesFrance

Personalised recommendations