![Sample our Engineering & Technology journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5933/TOC-Subject-Sample-2021-Engineering-Tech.jpg"})
ABSTRACT
Binding encryption provides an effective way to broadcast a secret to an authorized group of users, which guarantees decryption consistency, i.e., that all users can obtain the same message without any interaction among them. In this paper, we first give the definition of security of a binding encryption, and then construct a primitive that achieves security against chosen plaintext attacks (CPA) and decryption consistency. This primitive is derived from a CPA-secure public-key encryption (PKE) scheme. Then, we present several transformations of binding encryption, which ensure some advanced security requirements such as anonymity, strong decryption consistency, and non-malleability.
(1) Negative results that: (a) A CCA (chosen-ciphertext attack) secure PKE does not imply a CCA-secure multi-receiver encryption (ME) or binding encryption; (b) an anonymous CPA-secure PKE implies an anonymous ME but does not imply any anonymous binding encryption; (c) a CCA-secure anonymous PKE does not imply a CCA-secure anonymous ME or anonymous binding encryption.
(2) A generic construction for a binding encryption that: (a) Uses CPA-secure PKE and symmetric encryption to construct a CPA-secure ME; (b) uses a CPA-secure ME and a polynomially verifiable function to construct a CPA-secure binding encryption.
(3) Three transformations from (anonymous) CCA-secure PKE to (anonymous) CCA-secure binding encryption: the first one is based on a strong one-time signature, the second one is derived from a trapdoor pseudo-random function, while the third one is based on (information-theoretically secure) cover-free families, and hence it does not require any additional computational assumptions.
ACKNOWLEDGEMENTS
This work is supported by the National Natural Science Foundation of China [Grant no. 61272404], [Grant no. 61370224], [Grant no. 61170135]; Guangdong Natural Science Foundation [Grant no. S2012010010383].
Additional information
Notes on contributors
Mingwu Zhang
Mingwu Zhang is currently a professor at the School of Computer Sciences, Hubei University of Technology. He was a JSPS postdoctoral fellow at the Institute of Mathematics for Industry of Kyushu University from 2010 to 2012. His research interests include network and information security and applied cryptography.
Kirill Morozov
Kirill Morozov received his M.E. degree in radio engineering from Saint Petersburg State University of Telecommunications, Russia, in 1998 and PhD degree in computer science from the University of Aarhus, Denmark, in 2005. In 2005, he was a postdoctoral fellow at the University of Tokyo. He was a research scientist at the National Institute of Advanced Industrial Science and Technology (AIST), Japan in 2006–2010. Since December 2010, he has been an assistant professor at Kyushu University, first in the Faculty of Mathematics, and then in the Institute of Mathematics for Industry. His research interests include cryptography and information security. He is a member of IACR, IEICE and IPSJ.
Tsuyoshi Takagi
Tsuyoshi Takagi received the BSc and MSc degrees in mathematics from Nagoya University in 1993 and 1995, respectively. He engaged in research on network security at NTT Laboratories from 1995 to 2001. He received the Dr.rer.nat degree from Technische Universität Darmstadt in 2001. He was an assistant professor in the Department of Computer Science at Technische Universität Darmstadt until 2005, and was a professor in the School of Systems Information Science at Future University-Hakodate until 2010. He is currently a professor in the Institute of Mathematics for Industry at Kyushu University. His current research interests are information security and cryptography. He is a member of International Association for Cryptologic Research (IACR).