Identification Schemes from Key Encapsulation Mechanisms

  • Hiroaki Anada
  • Seiko Arita
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6737)

Abstract

We propose a generic way for deriving an identification (ID) scheme secure against concurrent man-in-the-middle attacks from a key encapsulation mechanism (KEM) secure against chosen ciphertext attacks on one-wayness (one-way-CCA). Then we give a concrete one-way-CCA secure KEM based on the Computational Diffie-Hellman (CDH) assumption. In that construction, the Twin Diffie-Hellman technique of Cash, Kiltz and Shoup is essentially employed. We compare efficiency of the ID scheme derived from our KEM with previously known ID schemes and KEMs. It turns out that our KEM-based ID scheme reduces the computation by one exponentiation than the currently most efficient one derived from the Hanaoka-Kurosawa one-way-CCA secure KEM, whose security is based on the same (CDH) assumption.

Keywords

identification scheme key encapsulation mechanism one-way-CCA security concurrent man-in-the-middle attack the computational Diffie-Hellman assumption 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anada, H., Arita, S.: Identification Schemes of Proofs of Ability Secure against Concurrent Man-in-the-Middle Attacks. In: Heng, S.-H., Kurosawa, K. (eds.) ProvSec 2010. LNCS, vol. 6402, pp. 18–34. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Boneh, D., Boyen, X.: Short Signatures without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Fischlin, M., Goldwasser, S., Micali, S.: Identification Protocols Secure against Reset Attacks. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 495–511. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Goldreich, O.: On Defining Proofs of Knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Palacio, A.: GQ and Schnorr Identification Schemes: Proofs of Security against Impersonation under Active and Concurrent Attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162–177. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Cash, D., Kiltz, E., Shoup, V.: The Twin Diffie-Hellman Problem and Applications. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 127–145. Springer, Heidelberg (2008), http://eprint.iacr.org/ CrossRefGoogle Scholar
  7. 7.
    Cramer, R., Damgård, I., Nielsen, J.B.: Multiparty Computation from Threshold Homomorphic Encryption. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 280–300. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Cramer, R., Shoup, V.: Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack. SIAM Journal on Computing 33(1), 167–226 (2003)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Fujisaki, E.: New Constructions of Efficient Simulation-Sound Commitments Using Encryption. In: The 2011 Symposium on Cryptography and Information Security, 1A2-3. The Institute of Electronics, Information and Communication Engineers, Tokyo (2011)Google Scholar
  11. 11.
    Gennaro, R.: Multi-trapdoor Commitments and their Applications to Non-Malleable Protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 220–236. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof Systems. SIAM Journal on Computing 18(1), 186–208 (1989)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Guillou, L., Quisquater, J.J.: A Paradoxical Identity-Based Signature Scheme Resulting from Zero-Knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 216–231. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  14. 14.
    Herranz, J., Hofheinz, D., Kiltz, E.: The Kurosawa-Desmedt Key Encapsulation is not Chosen-Ciphertext Secure. Cryptology ePrint Archive, 2006/207, http://eprint.iacr.org/
  15. 15.
    Hanaoka, G., Kurosawa, K.: Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 308–325. Springer, Heidelberg (2008), Full version available at Cryptology eprint Archive, http://eprint.iacr.org/ CrossRefGoogle Scholar
  16. 16.
    Katz, J.: Efficient Cryptographic Protocols Preventing “Man-in-the-Middle” Attacks. Doctor of Philosophy Dissertation. Columbia University, New York (2002)Google Scholar
  17. 17.
    Kiltz, E.: Chosen-Ciphertext Security from Tag-Based Encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 581–600. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Kiltz, E.: Personal communication at ProvSec 2010, Malacca (2010)Google Scholar
  19. 19.
    Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. K. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Naor, M., Yung, M.: Universal One-Way Hash Functions and their Cryptographic Applications. In: The 21st Symposium on Theory of Computing, pp. 33–43. Association for Computing Machinery, New York (1989)Google Scholar
  21. 21.
    Okamoto, T., Pointcheval, D.: The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  22. 22.
    Pointcheval, D.: Chosen-Ciphertext Security for Any One-Way Cryptosystem. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 129–146. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  23. 23.
    Rompel, J.: One-Way Functions are Necessary and Sufficient for Secure Signatures. In: The 22nd Annual Symposium on Theory of Computing, pp. 384–387. Association for Computing Machinery, New York (1990)Google Scholar
  24. 24.
    Schnorr, C.P.: Efficient Identification and Signatures for Smart Cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)Google Scholar
  25. 25.
    Shoup, V.: Using Hash Functions as a Hedge against Chosen Ciphertext Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 275–288. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  26. 26.
    Waters, B.: Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  27. 27.
    Yilek, S.: Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 41–56. Springer, Heidelberg (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Hiroaki Anada
    • 1
  • Seiko Arita
    • 1
  1. 1.Institute of Information SecurityYokohamaJapan

Personalised recommendations