On the Implications from Updatable Encryption to Public-Key Cryptographic Primitives

  • Conference paper
Information Security and Privacy (ACISP 2024)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14895)

Abstract

Updatable encryption (UE) is a special type of symmetric-key encryption (SKE) that allows a third party to update ciphertexts while protecting plaintexts. Alamati et al. (CRYPTO 2019) showed a curious connection between UE and public-key encryption (PKE): PKE can be constructed from UE. This implication result is somewhat surprising, since it is well known that PKE cannot be constructed from (ordinary) SKE in a black-box manner.

In this paper, we continue to study the relationships between UE and other cryptographic primitives to obtain further insights into the existence and power of UE, and assumptions required for it. More specifically, we introduce some security properties that are natural to consider for UE (and are indeed satisfied by some existing UE schemes), and then investigate what types of public-key cryptographic primitives can be constructed from UE with the additional properties. Specifically, we show the following results:

  • 2-round oblivious transfer (OT) can be constructed from UE that satisfies the oblivious samplability (OS) of original ciphertexts (i.e. those generated by the ordinary encryption algorithm, as opposed to those generated by the ciphertext-update algorithm) and the OS of update tokens (that are used for updating ciphertexts).

  • 3-round OT can be constructed from UE with OS of updated ciphertexts (i.e. those generated by the ciphertext-update algorithm).

  • Lossy encryption and PKE secure against selective-opening attacks can be constructed from UE if it satisfies what we call statistical confidentiality of original ciphertexts.

Notes

  1. Throughout the paper, we will denote the randomness length of oblivious sampling algorithms by \(\ell\).

  2. For those who are familiar with the security notions for UE, the type of UE we consider in this paper is so-called uni-directional ciphertext update and no-directional key update. However, our results in Sects. 4 and 5 can be established irrespectively of the directionality of ciphertext update and key update, since we will rely only on the security property of UE in case no key is corrupted. For detailed discussions on the directionality of ciphertext update and key update, see [10, 16].

  3. The definitions of homomorphic PKE supporting homomorphisms for keys and plaintexts used in [10] and [16] are different. In the case of the DDH-based instantiation, the one in [10] is simply the ElGamal PKE scheme, while the one in [16] is based on the PKE scheme by Boneh et al. [3]. For the details of the formal definitions as well as the instantiations, see the original papers.

  4. In the case of LWE-based instantiations, the public key/ciphertext space is just the set of integer vectors, and thus obliviously sampling an element from the spaces is trivial. For the DDH-based instantiations, we can use the simulatable group as formalized by Dent [7].

  5. If this UE scheme based on iO had no problem, then the combination of it with our result in this section would imply a construction of lossy encryption based on iO, which to the best of our knowledge has not been known before. Unfortunately, however, the iO-based UE scheme had an error and was retracted recently [18].

References

  1. Alamati, N., Montgomery, H., Patranabis, S.: Symmetric primitives with structured secrets. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part I. LNCS, vol. 11692, pp. 650–679. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_23

  2. Bellare, M., Hofheinz, D., Yilek, S.: Possibility and impossibility results for encryption and commitment secure under selective opening. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 1–35. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_1

  3. Boneh, D., Halevi, S., Hamburg, M., Ostrovsky, R.: Circular-secure encryption from decision Diffie-Hellman. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 108–125. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_7

  4. Boneh, D., Lewi, K., Montgomery, H., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 410–428. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_23

  5. Boyd, C., Davies, G.T., Gjøsteen, K., Jiang, Y.: Fast and secure updatable encryption. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part I. LNCS, vol. 12170, pp. 464–493. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56784-2_16

  6. Damgård, I., Nielsen, J.B.: Improved non-committing encryption schemes based on a general complexity assumption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 432–450. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_27

  7. Dent, A.W.: The Cramer-Shoup encryption scheme is plaintext aware in the standard model. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 289–307. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_18

  8. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) Advances in Cryptology, pp. 205–210. Springer, Boston, MA (1983). https://doi.org/10.1007/978-1-4757-0602-4_19

  9. Everspaugh, A., Paterson, K., Ristenpart, T., Scott, S.: Key rotation for authenticated encryption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 98–129. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_4

  10. Jiang Galteland, Y., Pan, J.: Backward-leak uni-directional updatable encryption from (homomorphic) public key encryption. In: Boldyreva, A., Kolesnikov, V. (eds.) Public-Key Cryptography, PKC 2023, Part II. LNCS, vol. 13941, pp. 399–428. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-31371-4_14

  11. Gertner, Y., Kannan, S., Malkin, T., Reingold, O., Viswanathan, M.: The relationship between public key encryption and oblivious transfer. In: FOCS 2000, pp. 325–335 (2000)

  12. Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: STOC 1989, pp. 44–61 (1989)

  13. Jiang, Y.: The direction of updatable encryption does not matter much. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020, Part III. LNCS, vol. 12493, pp. 529–558. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64840-4_18

  14. Klooß, M., Lehmann, A., Rupp, A.: (R)CCA secure updatable encryption with integrity protection. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019, Part I. LNCS, vol. 11476, pp. 68–99. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_3

  15. Lehmann, A., Tackmann, B.: Updatable encryption with post-compromise security. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part III. LNCS, vol. 10822, pp. 685–716. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_22

  16. Miao, P., Patranabis, S., Watson, G.: Unidirectional updatable encryption and proxy re-encryption from DDH. In: Boldyreva, A., Kolesnikov, V. (eds.) Public-Key Cryptography, PKC 2023, Part II. LNCS, vol. 13941, pp. 368–398. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-31371-4_13

  17. Nishimaki, R.: The direction of updatable encryption does matter. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) Public-Key Cryptography, PKC 2022, Part II. LNCS, vol. 13178, pp. 194–224. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-97131-1_7

  18. Nishimaki, R.: The direction of updatable encryption does matter. Cryptology ePrint Archive, Report 2021/221, The latest version as of April 23, 2024. https://eprint.iacr.org/archive/2021/221/20240419:044657

  19. Yao, A.C.C.: Protocols for secure computations (extended abstract). In: FOCS 1982, pp. 160–164 (1982)

Acknowledgement

This work was partially supported by JST CREST Grant Number JPMJCR22M1 and JSPS KAKENHI Grant Number JP23KJ0548.

Author information

Corresponding author

Correspondence to Yuichi Tanishita.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Tanishita, Y., Hayashi, R., Ishii, R., Matsuda, T., Matsuura, K. (2024). On the Implications from Updatable Encryption to Public-Key Cryptographic Primitives. In: Zhu, T., Li, Y. (eds) Information Security and Privacy. ACISP 2024. Lecture Notes in Computer Science, vol 14895. Springer, Singapore. https://doi.org/10.1007/978-981-97-5025-2_16

  • DOI: https://doi.org/10.1007/978-981-97-5025-2_16

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-5024-5

  • Online ISBN: 978-981-97-5025-2

  • eBook Packages: Computer Science (R0)
