[Resource Topic] 2023/848: Extending Updatable Encryption: Public Key, Tighter Security and Signed Ciphertexts

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2023/848

Title:
Extending Updatable Encryption: Public Key, Tighter Security and Signed Ciphertexts

Authors: Chen Qian, Yao Jiang Galteland, Gareth T. Davies

Abstract:

Updatable encryption is a useful primitive that enables key rotation for storing data on an untrusted storage provider without the leaking anything about the plaintext or the key. In this work, we make two contributions. Firstly, we extend updatable encryption to the public-key setting, providing its security model and three different efficient constructions. Using a public-key updatable encryption scheme, a user can receive messages directly in the cloud from multiple senders without revealing their secret key. Secondly, we add signatures on ciphertexts to guarantee plaintext integrity and authenticity. We call our new primitive \emph{Public-Key Signable Updatable Encryption} (\mathsf{PSigUE}). Our approach ensures that only legitimate ciphertexts are accepted by the server, and the adversary cannot compromise the message integrity in the database. We bypass the conflict between public integrity verification and the malleability that comes from the update functionality.

We provide three pairing-based constructions of public-key signable updatable encryption. The first scheme, \mathsf{PSigUE}_1, is built using a dual-mode zero-knowledge proof of knowledge system under an assumption closely related to the k-linear assumption. The second scheme, \mathsf{PSigUE}_2, provides unlinkability in addition to public authenticity. In the third scheme, \mathsf{PSigUE}_\mathsf{T}, we achieve the tight security with respect of number of epochs. The construction of \mathsf{PSigUE}_\mathsf{T} is inspired by tag-based tightly-secure PKE schemes.

ePrint: https://eprint.iacr.org/2023/848

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .