TY - GEN
T1 - Toward fine-grained blackbox separations between semantic and circular-security notions
AU - Hajiabadi, Mohammad
AU - Kapron, Bruce M.
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2017.
PY - 2017
Y1 - 2017
N2 - We address the problems of whether t-circular-secure encryption can be based on (t − 1)-circular-secure encryption or on semantic (CPA) security, if t = 1. While for t = 1 a folklore construction, based on CPA-secure encryption, can be used to build a 1-circular-secure encryption with the same secret-key and message space, no such constructions are known for the bit-encryption case, which is of particular importance in fully-homomorphic encryption. Also, all constructions of t-circular encryption (bitwise or otherwise) are based on specific assumptions. We make progress toward these problems by ruling out all fully blackbox constructions of – 1-seed-circular-secure bit encryption from CPA-secure encryption; – t-seed-circular-secure encryption from (t − 1)-seed-circular secure encryption, for any t > 1. Informally, seed-circular security is a variant of the circular security notion in which the seed of the key-generation algorithm, instead of the secret key, is encrypted. We also show how to extend our first result to rule out a large and non-trivial class of constructions of 1-circular-secure bit encryption, which we dub key-isolating constructions. Our separations follow the model of Gertner, Malkin and Reingold (FOCS’01), which is a weaker separation model than that of Impagliazzo and Rudich.
AB - We address the problems of whether t-circular-secure encryption can be based on (t − 1)-circular-secure encryption or on semantic (CPA) security, if t = 1. While for t = 1 a folklore construction, based on CPA-secure encryption, can be used to build a 1-circular-secure encryption with the same secret-key and message space, no such constructions are known for the bit-encryption case, which is of particular importance in fully-homomorphic encryption. Also, all constructions of t-circular encryption (bitwise or otherwise) are based on specific assumptions. We make progress toward these problems by ruling out all fully blackbox constructions of – 1-seed-circular-secure bit encryption from CPA-secure encryption; – t-seed-circular-secure encryption from (t − 1)-seed-circular secure encryption, for any t > 1. Informally, seed-circular security is a variant of the circular security notion in which the seed of the key-generation algorithm, instead of the secret key, is encrypted. We also show how to extend our first result to rule out a large and non-trivial class of constructions of 1-circular-secure bit encryption, which we dub key-isolating constructions. Our separations follow the model of Gertner, Malkin and Reingold (FOCS’01), which is a weaker separation model than that of Impagliazzo and Rudich.
UR - http://www.scopus.com/inward/record.url?scp=85018711814&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85018711814&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-56614-6_19
DO - 10.1007/978-3-319-56614-6_19
M3 - Conference contribution
AN - SCOPUS:85018711814
SN - 9783319566139
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 561
EP - 591
BT - Advances in Cryptology – EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
A2 - Coron, Jean-Sebastien
A2 - Nielsen, Jesper Buus
PB - Springer Verlag
T2 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2017
Y2 - 30 April 2017 through 4 May 2017
ER -