Methods for Restricting Message Space in Public-Key Encryption
Abstract
This paper proposes methods for "restricting the message space" of public-key encryption by allowing a third party to verify that a given ciphertext does not encrypt any message previously specified as a "bad" (or "problematic") message. Public-key encryption schemes are normally designed not to leak even partial information about encrypted plaintexts, but this can be problematic in some circumstances. This high level of confidentiality could be abused: malicious parties could communicate with each other, or discuss illegal topics, using an ordinary public-key encryption scheme with the help of the public-key infrastructure (PKI). This is undesirable considering the public nature of PKI. The primitive of restrictive public-key encryption helps in this situation by allowing a trusted authority to specify a set of "bad" plaintexts and allowing any third party to detect ciphertexts that encrypt one of the specified "bad" plaintexts. The primitive also provides strong confidentiality (of indistinguishability type) for the plaintext when it is not specified as "bad." In this way, a third party (possibly a gateway node of the network) can examine whether a ciphertext arriving from the network contains allowable content, and the gateway forwards the ciphertext to the next node only when it does not contain a forbidden message. In this paper, we formalize the above requirements and provide two constructions that satisfy the formalization. The first construction is based on the techniques of Teranishi et al. (IEICE Trans. Fundamentals E92-A, 2009), Boudot (EUROCRYPT 2000), and Nakanishi et al. (IEICE Trans. Fundamentals E93-A, 2010), which were developed in the context of (revocation of) group signatures. The other construction is based on the OR-proof technique.
The first construction has better performance when very few messages are specified as bad, while the other performs better when almost all messages are specified as bad (and only very few messages are allowed to be encrypted).
Authors
- Kawai Yutaka, The University Of Tokyo
- Hanaoka Goichiro, National Inst. Of Advanced Industrial Sci. And Technol. Tokyo Jpn
- SAKAI Yusuke, University of Electro-Communications
- Omote Kazumasa, Japan Advanced Inst. Of Sci. And Technol.
- EMURA Keita, Japan Advanced Institute of Science and Technology
Related papers
- Traitor Tracing Scheme Secure against Adaptive Key Exposure and its Application to Anywhere TV Service(Discrete Mathematics and Its Applications)
- Practical and Secure Recovery of Disk Encryption Key Using Smart Cards
- The MAC-based Construction of Strong Multiple Encryption
- A Second-price Sealed-bid Auction with Public Verifiability
- An Anonymous Sealed-bid Auction with a Feature of Entertainment
- A Combinatorics Proliferation Model with Threshold for Malware Countermeasure
- CCA-Secure Public Key Encryption without Group-Dependent Hash Functions
- Formal Security Treatments for IBE-to-Signature Transformation : Relations among Security Notions
- Key-Insulated Public Key Encryption with Auxiliary Helper Key : Model, Constructions and Formal Security Proofs(Information Theory and Its Applications)
- Efficient Identity-Based Encryption with Tight Security Reduction(Information Theory and Its Applications)
- A New Key-Insulated Public Key Encryption Scheme with Auxiliary Helper Key
- Efficient Provider Authentication for Bidirectional Broadcasting Service
- A Trade-off Traitor Tracing Scheme
- Public Key Encryption Schemes from the (B)CDH Assumption with Better Efficiency
- Between Hashed DH and Computational DH : Compact Encryption from Weaker Assumption
- Universally Composable and Statistically Secure Verifiable Secret Sharing Scheme Based on Pre-Distributed Data
- How to Break COT-Based Fingerprinting Schemes and Design New One(Cryptography and Information Security, Information Theory and Its Applications)
- Secure Broadcast System with Simultaneous Individual Messaging
- How to Shorten a Ciphertext of Reproducible Key Encapsulation Mechanisms in the Random Oracle Model
- Efficient and Secure Aggregation of Sensor Data against Multiple Corrupted Nodes
- Proxiable Designated Verifier Signature
- Methods for Restricting Message Space in Public-Key Encryption
- Improvement of Network coding-based System for Ensuring Data Integrity in Cloud Computing