
CCA-Secure Hybrid Encryption in Correlated Randomness Model and KEM Combiners (2401.00983v2)

Published 2 Jan 2024 in cs.CR

Abstract: A hybrid encryption (HE) system is an efficient public key encryption system for arbitrarily long messages. An HE system consists of a public key component called the key encapsulation mechanism (KEM) and a symmetric key component called the data encapsulation mechanism (DEM). The HE encryption algorithm uses a KEM-generated key k to encapsulate the message using the DEM, and sends the ciphertext together with the encapsulation of k to the decryptor, who decapsulates k and uses it to decapsulate the message using the corresponding KEM and DEM components. The KEM/DEM composition theorem proves that if the KEM and DEM satisfy well-defined security notions, then the HE is secure with a well-defined security notion. We introduce HE in the correlated randomness model, where the encryption and decryption algorithms have samples of correlated random variables that are partially leaked to the adversary. Security of the new KEM/DEM paradigm is defined against computationally unbounded or polynomially bounded adversaries. We define iKEM and cKEM with information-theoretic and computational security, respectively, and prove a composition theorem for them and a computationally secure DEM, resulting in secure HEs with proved computational security (CPA and CCA) and without any computational assumption. We construct two iKEMs that provably satisfy the required security notions of the composition theorem. The iKEMs are used to construct two efficient quantum-resistant HEs when used with an AES-based DEM. We also define and construct combiners with proved security that combine the new KEM/DEM paradigm of HE with the traditional public key based paradigm of HE.

