Leakage-Resilience of Stateless/Stateful Public-Key Encryption from Hash Proofs

  • Manh Ha Nguyen
  • Keisuke Tanaka
  • Kenji Yasunaga
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7372)


We consider the problem of constructing public-key encryption (PKE) schemes that are resilient to a-posteriori chosen-ciphertext and key-leakage attacks. Recently, Naor and Segev (CTYPTO’09) have proven that the Naor-Yung generic construction of PKE which is secure against chosen-ciphertext attack (CCA2) is also secure against key-leakage attacks. Their construction uses simulation-sound NIZK and leakage-resilient CPA-secure PKE, and the latter is a variant of the Cramer-Shoup cryptosystem. This CCA2-secure scheme is based on the hardness of the DDH problem. In this paper, we apply the generic construction of “Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption” (EUROCRYPT’02) to generalize the above work of Naor-Segev. In comparing to the first construction of Naor-Segev, ours “removes” simulation-sound NIZK which is not efficient component. We also extend it to stateful PKE schemes. Concretely, in the construction of the stateless PKE, we use the combination of any 1-universal hash proof system that satisfies the condition of a key-leakage extractor and any 2-universal hash proof system with some condition on the length of proof. In the case of the stateful PKE, we use the combination of two hash proof systems as in the case of stateless PKE and IND-CCA-secure symmetric encryption.


Encryption Scheme Symmetric Encryption Challenge Ciphertext Decryption Oracle Symmetric Encryption Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous Hardcore Bits and Cryptography against Memory Attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Baek, J., Zhou, J., Bao, F.: Generic Constructions of Stateful Public Key Encryption and Their Applications. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 75–93. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)Google Scholar
  5. 5.
    Bellare, M., Kohno, T., Shoup, V.: Stateful Public-Key Cryptosystems: How to Encryption with One 160-bit Exponentiaton. In: ACM CCS 2006, pp. 380–389. ACM Press (2006)Google Scholar
  6. 6.
    Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Cramer, R., Shoup, V.: Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Cramer, R., Shoup, V.: Design and Analysis of Practical Public-Key Encryption Schemes Secure Against Adaptive Chosen Ciphertext Attack. SIAM J. Comput. 33(1), 167–226 (2003)MathSciNetzbMATHCrossRefGoogle Scholar
  9. 9.
    Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and other Noisy Data. SIAM J. Comput. 38(1), 97–139 (2008)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient Public-Key Cryptography in the Presence of Key Leakage. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 613–631. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Gaubatz, G., Kaps, J.-P., Sunar, B.: Public Key Cryptography in Sensor Networks—Revisited. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 2–18. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for Hard Lattices and New Cryptographic Constructions. In: Proc. of the 40th Annual ACM Symposium on Theory of Computing, pp. 197–206 (2008)Google Scholar
  13. 13.
    Halderman, A., Schoen, D., Heninger, N., Clarkson, W., Paul, W., Calandrino, A., Feldman, J., Appelbaum, J., Felten, W.: Lest we remember: Cold Boot Attack on Encryption Keys. In: Oorschot, P. (ed.) USENIX Security Symposium, pp. 45–60. USENIX Association (2008)Google Scholar
  14. 14.
    Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A New Randomness Extraction Paradigm for Hybrid Encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 590–609. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)Google Scholar
  16. 16.
    Naor, M., Segev, G.: Public-Key Cryptosystems Resilient to Key Leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  17. 17.
    Phan, T., Huang, L., Dulan, C.: Challenge: Integrating Mobile Wireless Devices Into the Computational Grid. In: MobiCom 2002, pp. 271–278. ACM Press (2002)Google Scholar
  18. 18.
    Regev, O.: On Lattices, Learning With Errors, Random Linear Codes, and Cryptography. In: Proc. of the 37th Annual ACM Symposium on Theory of Computing, pp. 84–93 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Manh Ha Nguyen
    • 1
  • Keisuke Tanaka
    • 1
  • Kenji Yasunaga
    • 2
  1. 1.Tokyo Institute of TechnologyJapan
  2. 2.Institute of SystemsInformation Technologies and Nanotechnologies (ISIT)Japan

Personalised recommendations