Multirecipient encryption schemes: How to save on bandwidth and computation without sacrificing security

IEEE Transactions on Information Theory

Volumn 53, Issue 11, 2007, Pages 3927-3943

  Bellare, Mihir ^a   Boldyreva, Alexandra ^b   Kurosawa, Kaoru ^c   Staddon, Jessica ^d  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b Georgia Institute of Technology   (United States)

^c IBARAKI UNIVERSITY   (Japan)

^d PALO ALTO RESEARCH CENTER   (United States)

Author keywords

Cryptography; Encryption; Provable security; Randomness

Indexed keywords

BANDWIDTH; COMPUTATIONAL METHODS; INFORMATION THEORY; RANDOM PROCESSES; SECURITY OF DATA;

AD HOC ANALYSES; MULTIRECIPIENT ENCRYPTION SCHEMES; STANDARD ENCRYPTION SCHEME;

CRYPTOGRAPHY;

EID: 36348998232     PISSN: 00189448     EISSN: None     Source Type: Journal    
DOI: 10.1109/TIT.2007.907471     Document Type: Article

References (36)

1. O. Baudron, D. Pointcheval, and J. Stern, "Extended notions of security for multicast public key cryptosystems," in International Colloquium on Automata, Languages and Programming (ICALP'00) (Lecture Notes in Computer Science). Berlin, Germany: Springer-Verlag, 2000.
2. M. Abdalla, M. Bellare, and P. Rogaway, "The oracle diffie-hellman assumptions and an analysis of DHIES," in CT-RSA 01 (Lecture Notes in Computer Science), D. Naccache, Ed. Berlin, Germany: Springer-Verlag, 2001, vol. 2020.
3. M. Bellare, A. Boldyreva, and S. Micali, "Public-key encryption in a multi-user setting: Security proofs and improvements," in Advances in Cryptology-EUROCRYPT'00 (Lecture Notes in Computer Science), B. Preneel, Ed. Berlin, Germany: Springer-Verlag, 2000, vol. 1807.
4. M. Bellare, A. Boldyreva, K. Kurosawa, and J. Staddon, "Multi-Recipient Encryption Schemes: How to Save on Bandwidth and Computation Without Sacrificing Security." Extended version of this paper. [Online]. Available: Www.cc.gatech.edu/aboldyre/Publications.html
5. M. Bellare, A. Boldyreva, and J. Staddon, "Multi-recipient encryption schemes: Efficient constructions and their security," in Proc. International Workshop on Practice and Theory in Public Key Cryptography (PKC'03) (Lecture Notes in Computer Science). Berlin, Germany: Springer-Verlag, 2003.
6. M. Bellare, A. Desai, E. Jokipii, and P. Rogaway, "A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation," in Proc. 38th IEEE Symp. Foundations of Computer Science Miami Beach, FL, Oct. 1997, pp. 394-403.
7. M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway, "Relations among notions of security for public-key encryption schemes," in Advances in Cryptology - CRYPTO'98 (Lecture Notes in Computer Science , H. Krawczyk, Ed. Berlin, Germany: Springer-Verlag, 1998, vol. 1462.
8. M. Bellare and O. Goldreich, "On defining proofs of knowledge," in Advances in Cryptology - CRYPTO'92 (Lecture Notes in Computer Science) E. Brickell, Ed. Berlin, Germany: Springer-Verlag, 1992, vol. 740.
9. M. Bellare, T. Kohno, and V. Shoup, "Stateful public-key cryptosystems: How to encrypt with one 160-bit exponentiation," in Proc. of the ACM Conference on Computer and Communications Security (CCS), ACM, 2006.
10. M. Bellare and P. Rogaway, "Optimal asymmetric encryption - How to encrypt with RSA," in Advances in Cryptology - EUROCRYPT'94 (Lecture Notes in Computer Science), D. Santis, Ed., 1994, vol. 950, Springer-Verlag.
11. S. Berkovits, "How to broadcast a secret," in Advances in Cryptology - EUROCRYPT'91 (Lecture Notes in Computer Science), D. Davies, Ed. Berlin, Germany: Springer-Verlag, 1991, vol. 547.
12. M. Blum and S. Micali, "How to generate cryptographically strong sequences of pseudo-random bits," SIAM J. Comput., vol. 13, no. 4, Nov. 1984.
13. D. Boneh, "Simplified OAEP for the RSA and Rabin functions," in Advances in Cryptology - CRYPTO'01 (Lecture Notes in Computer Science J. Kilian, Ed. Berlin, Germany: Springer-Verlag, 2001, vol. 2139.
14. J. Camenisch and M. Michels, "Confirmer signature schemes secure against adaptive adversaries," in Advances in Cryptology-EUROCRYPT'00 (Lecture Notes in Computer Science), B. Preneel, Ed. Berlin, Germany: Springer-Verlag, 2000, vol. 1807.
15. R. Canetti, "Toward realizing random oracles: Hash functions that hide all partial information," in Advances in Cryptology - CRYPTO'97(Lecture Notes in Computer Science), B. Kalisk_i, Ed. Berlin,Germany: Springer-Verlag, 1997, vol. 1294.
16. R. Cramer and V. Shoup, "A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack," in Advances in Cryptology - CRYPTO'98 (Lecture Notes in Computer Science , H. Krawczyk, Ed. Berlin, Germany: Springer-Verlag, 1998, vol. 1462.
17. R. Cramer and V. Shoup, "Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack," SIAM J. Comput., vol. 33, no. 1, pp. 167-226, 2003.
18. T. ElGamal, "A public key cryptosystem and signature scheme based on discrete logarithms," IEEE Trans. Inf. Theory, vol. IT-31, no. 4, pp. 469-472, Jul. 1985.
19. A. Fiat and M. Naor, "Broadcast encryption," in Advances in Cryptology - CRYPTO'93 (Lecture Notes in Computer Science), D. Stinson, Ed. Berlin, Germany: Springer-Verlag, 1993, vol. 773.
20. E. Fujisaki and T. Okamoto, "Secure integration of asymmetric and symmetric encryption schemes," in Advances in Cryptology - CRYPTO'99 (Lecture Notes in Computer Science), M. Wiener, Ed. Berlin, Germany: Springer-Verlag, 1999, vol. 1666.
21. E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern, "RSA-OAEP is secure under the RSA assumption," in Advances in Cryptology - CRYPTO'01 (Lecture Notes in Computer Science), J. Kilian, Ed. Berlin, Germany: Springer-Verlag, 2001, vol. 2139.
22. S. Goldwasser and S. Micali, "Probabilistic encryption," J. Comp. Syst. Sci., vol. 28, pp. 270-299, 1984.
23. O. Goldreich, S. Goldwasser, and S. Micah, "How to construct random functions," J. Assoc. Comput. Mach., vol. 33, no. 4, pp. 210-217, 1986.
24. J. Håstad, "Solving simultaneous modular equations of low degree," SIAM J. Comput., vol. 17, no. 2, pp. 336-341, Apr. 1988.
25. J. Håstad, R. Impagliazzo, L. Levin, and M. Luby, "A pseudorandom generation from any one-way function," SIAM J. Comput., vol. 28, no. 4, pp. 1364-1396, 1999.
26. R. Impagliazzo and M. Luby, "One-way functions are essential for complexity based cryptography," in Proc. 30th IEEE Symp. Foundations of Computer Science, Research Triangle Park, NC, Oct./Nov. 1989, pp. 230-235.
27. K. Kurosawa, "Multi-recipient public-key encryption with shortened ciphertext," in Proc. Int. Workshop on Practice and Theory in Public Key Cryptography (PKC'02) (Lecture Notes in Computer Science). Berlin, Germany: Springer-Verlag, 2002.
28. S. Micali, C. Rackoff, and R. H. Sloan, "The notion of security for probabilistic cryptosystems," in Advances in Cryptology - CRYPTO'86 (Lecture Notes in Computer Science), A. Odlyzko, Ed. Berlin, Germany: Springer-Verlag, 1986, vol. 263.
29. M. Naor and O. Reingold, "Number-theoretic constructions of efficient pseudo-random functions," in Proc 38th IEEE Symp. Foundations of Computer Science, Miami Beach, FL, Oct. 1997, pp. 458-467.
30. M. Naor and M. Yung, "Universal one-way hash functions and their cryptographic applications," in Proc. ACM Symp. Theory of Computing (STOC'89), Seattle, WA, May 1989, pp. 33-43.
31. J. Rompel, "One-way functions are necessary and sufficient for secure signatures," in Proc. ACM Symp. Theory of Computing (STOC'90), Baltimore, MD, May 1990, pp. 387-394.
32. C. Rackoff and D. Simon, "Non-interactive zero-knowledge proof of knowledge and chosen-ciphertext attack," in Advances in Cryptology - CRYPTO'91 (Lecture Notes in Computer Science). Berlin, Germany: Springer-Verlag, 1991.
33. V. Shoup, "On formal models for secure key exchange," Univ. Calif. San Diego, La Jolla, CA, 1999, IBM Res. Rep. RZ 3120 [Online]. Available: http:pHilby.ucsd.edu/cryptolib
34. M. Stadler, "Publicly verifiable secret sharing," in Advances in Cryptology - EUROCRYPT'96 (Lecture Notes in Computer Science), U. Maurer, Ed. Berlin, Germany: Springer-Verlag, 1996, vol. 1070.
35. Y. Tsiounis and M. Yung, "On the security of ElGamal based encryption," in Proc. Int. Workshop on Practice and Theory in Public Key Cryptography (PKC'98) (Lecture Notes in Computer Science). Berlin, Germany: Springer-Verlag, 1998.
36. A. C. Yao, "Theory and application of trapdoor functions," in Proc. 23rd IEEE Symp. Foundations of Computer Science, Chicago, IL, Nov. 1982, pp. 80-91.