TY - GEN
T1 - Practical dual-receiver encryption
T2 - 2014 Conference on Cryptographer's Track at the RSA, CT-RSA 2014
AU - Chow, Sherman S.M.
AU - Franklin, Matthew
AU - Zhang, Haibin
PY - 2014
Y1 - 2014
N2 - We reformalize and recast dual-receiver encryption (DRE) proposed in CCS '04, a public-key encryption (PKE) scheme for encrypting to two independent recipients in one shot. We start by defining the crucial soundness property for DRE, which ensures that two recipients will get the same decryption result. While conceptually simple, DRE with soundness turns out to be a powerful primitive for various goals for PKE, such as complete non-malleability (CNM) and plaintext-awareness (PA). We then construct practical DRE schemes without random oracles under the Bilinear Decisional Diffie-Hellman assumption, while prior approaches rely on random oracles or inefficient non-interactive zero-knowledge proofs. Finally, we investigate further applications or extensions of DRE, including DRE with CNM, combined use of DRE and PKE, strengthening two types of PKE schemes with plaintext equality test, off-the-record messaging with a stronger notion of deniability, etc.
AB - We reformalize and recast dual-receiver encryption (DRE) proposed in CCS '04, a public-key encryption (PKE) scheme for encrypting to two independent recipients in one shot. We start by defining the crucial soundness property for DRE, which ensures that two recipients will get the same decryption result. While conceptually simple, DRE with soundness turns out to be a powerful primitive for various goals for PKE, such as complete non-malleability (CNM) and plaintext-awareness (PA). We then construct practical DRE schemes without random oracles under the Bilinear Decisional Diffie-Hellman assumption, while prior approaches rely on random oracles or inefficient non-interactive zero-knowledge proofs. Finally, we investigate further applications or extensions of DRE, including DRE with CNM, combined use of DRE and PKE, strengthening two types of PKE schemes with plaintext equality test, off-the-record messaging with a stronger notion of deniability, etc.
KW - Dual receiver encryption
KW - combined encryption
KW - complete non- malleability
KW - off-the-record messaging
KW - plaintext-awareness
KW - soundness
UR - http://www.scopus.com/inward/record.url?scp=84901272343&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-04852-9_5
DO - 10.1007/978-3-319-04852-9_5
M3 - Conference contribution
AN - SCOPUS:84901272343
SN - 9783319048512
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 85
EP - 105
BT - Topics in Cryptology, CT-RSA 2014 - The Cryptographer's Track at the RSA Conference 2014, Proceedings
PB - Springer Verlag
Y2 - 25 February 2014 through 28 February 2014
ER -