Advertisement

Non-Committing Encryption with Quasi-Optimal Ciphertext-Rate Based on the DDH Problem

  • Yusuke YoshidaEmail author
  • Fuyuki Kitagawa
  • Keisuke Tanaka
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11923)

Abstract

Non-committing encryption (NCE) was introduced by Canetti et al. (STOC ’96). Informally, an encryption scheme is non-committing if it can generate a dummy ciphertext that is indistinguishable from a real one. The dummy ciphertext can be opened to any message later by producing a secret key and an encryption random coin which “explain” the ciphertext as an encryption of the message. Canetti et al. showed that NCE is a central tool to achieve multi-party computation protocols secure in the adaptive setting. An important measure of the efficiently of NCE is the ciphertext rate, that is the ciphertext length divided by the message length, and previous works studying NCE have focused on constructing NCE schemes with better ciphertext rates.

We propose an NCE scheme satisfying the ciphertext rate Open image in new window based on the decisional Diffie-Hellman (DDH) problem, where Open image in new window is the security parameter. The proposed construction achieves the best ciphertext rate among existing constructions proposed in the plain model, that is, the model without using common reference strings. Previously to our work, an NCE scheme with the best ciphertext rate based on the DDH problem was the one proposed by Choi et al. (ASIACRYPT ’09) that has ciphertext rate Open image in new window. Our construction of NCE is similar in spirit to that of the recent construction of the trapdoor function proposed by Garg and Hajiabadi (CRYPTO ’18).

Keywords

Non-committing encryption Decisional Diffie-Hellman problem Chameleon encryption 

Notes

Acknowledgements

A part of this work was supported by NTT Secure Platform Laboratories, JST OPERA JPMJOP1612, JST CREST JPMJCR14D6, JSPS KAKENHI JP16H01705, JP17H01695, JP19J22363.

References

  1. 1.
    Beaver, D.: Plug and play encryption. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 75–89. Springer, Heidelberg (1997).  https://doi.org/10.1007/BFb0052228CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Palacio, A.: The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 273–289. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-28628-8_17 CrossRefGoogle Scholar
  3. 3.
    Brakerski, Z., Lombardi, A., Segev, G., Vaikuntanathan, V.: Anonymous IBE, leakage resilience and circular security from new assumptions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 535–564. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78381-9_20CrossRefGoogle Scholar
  4. 4.
    Canetti, R., Feige, U., Goldreich, O., Naor, M.: Adaptively secure multi-party computation. In: 28th ACM STOC, pp. 639–648 (1996)Google Scholar
  5. 5.
    Canetti, R., Poburinnaya, O., Raykova, M.: Optimal-rate non-committing encryption. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part III. LNCS, vol. 10626, pp. 212–241. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70700-6_8CrossRefGoogle Scholar
  6. 6.
    Cho, C., Döttling, N., Garg, S., Gupta, D., Miao, P., Polychroniadou, A.: Laconic oblivious transfer and its applications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 33–65. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63715-0_2CrossRefGoogle Scholar
  7. 7.
    Choi, S.G., Dachman-Soled, D., Malkin, T., Wee, H.: Improved non-committing encryption with applications to adaptively secure protocols. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 287–302. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-10366-7_17CrossRefGoogle Scholar
  8. 8.
    Damgård, I., Nielsen, J.B.: Improved non-committing encryption schemes based on a general complexity assumption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 432–450. Springer, Heidelberg (2000).  https://doi.org/10.1007/3-540-44598-6_27CrossRefGoogle Scholar
  9. 9.
    Döttling, N., Garg, S.: From selective IBE to full IBE and selective HIBE. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017, Part I. LNCS, vol. 10677, pp. 372–408. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70500-2_13CrossRefGoogle Scholar
  10. 10.
    Döttling, N., Garg, S.: Identity-based encryption from the Diffie-Hellman assumption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 537–569. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63688-7_18CrossRefGoogle Scholar
  11. 11.
    Döttling, N., Garg, S., Hajiabadi, M., Masny, D.: New constructions of identity-based and key-dependent message secure encryption schemes. In: Abdalla, M., Dahab, R. (eds.) PKC 2018, Part I. LNCS, vol. 10769, pp. 3–31. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-76578-5_1CrossRefzbMATHGoogle Scholar
  12. 12.
    Döttling, N., Garg, S., Ishai, Y., Malavolta, G., Mour, T., Ostrovsky, R.: Trapdoor hash functions and their applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part III. LNCS, vol. 11694, pp. 3–32. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-26954-8_1CrossRefGoogle Scholar
  13. 13.
    Garg, S., Gay, R., Hajiabadi, M.: New techniques for efficient trapdoor functions and applications. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019, Part III. LNCS, vol. 11478, pp. 33–63. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-17659-4_2CrossRefGoogle Scholar
  14. 14.
    Garg, S., Hajiabadi, M.: Trapdoor functions from the computational Diffie-Hellman assumption. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 362–391. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-96881-0_13CrossRefGoogle Scholar
  15. 15.
    Garg, S., Ostrovsky, R., Srinivasan, A.: Adaptive garbled RAM from laconic oblivious transfer. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part III. LNCS, vol. 10993, pp. 515–544. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-96878-0_18CrossRefGoogle Scholar
  16. 16.
    Garg, S., Srinivasan, A.: Adaptively secure garbling with near optimal online complexity. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 535–565. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78375-8_18CrossRefGoogle Scholar
  17. 17.
    Garg, S., Srinivasan, A.: Two-round multiparty secure computation from minimal assumptions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 468–499. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78375-8_16CrossRefGoogle Scholar
  18. 18.
    Hada, S., Tanaka, T.: On the existence of 3-round zero-knowledge protocols. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 408–423. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0055744CrossRefGoogle Scholar
  19. 19.
    Hemenway, B., Ostrovsky, R., Richelson, S., Rosen, A.: Adaptive security with quasi-optimal rate. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016, Part I. LNCS, vol. 9562, pp. 525–541. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49096-9_22CrossRefGoogle Scholar
  20. 20.
    Hemenway, B., Ostrovsky, R., Rosen, A.: Non-committing encryption from \(\phi \)-hiding. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 591–608. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46494-6_24CrossRefGoogle Scholar
  21. 21.
    Tao, T., Vu, V.: On the singularity probability of random Bernoulli matrices. J. Am. Math. Soc. 20(3), 603–628 (2007)MathSciNetCrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  • Yusuke Yoshida
    • 1
    Email author
  • Fuyuki Kitagawa
    • 2
  • Keisuke Tanaka
    • 1
  1. 1.Tokyo Institute of TechnologyTokyoJapan
  2. 2.NTT Secure Platform LaboratoriesTokyoJapan

Personalised recommendations