Single-bit re-encryption with applications to distributed proof systems
Pages 48 - 55
Abstract
We examine the implementation of the distributed proof system designed by Minami and Kotz [17]. We find that, although a high-level analysis shows that it preserves confidentiality, the implementation of the cryptographic primitives contains a covert channel that can leak information. Moreover, this channel is present with any traditional choice of public key encryption functions.
To remedy this problem, we use the Goldwasser-Micali cryptosystem to implement single-bit re-encryption and show how to make it free of covert channels. We then extend the primitive to support commutative encryption as well. Using this primitive, we design a variant of the Minami-Kotz algorithm that not only is free of covert channels, but also has additional proving power over the original design.
References
[1]
L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse, and P. Rutenbar. Device-enabled authorization in the Grey system. In J. Zhou and J. Lopez, editors, Information Security Conference, volume 3650 of Lecture Notes in Computer Science, pages 431--445, Singapore, Sept. 2005.
[2]
L. Bauer, S. Garriss, and M. K. Reiter. Distributed proving in access-control systems. In V. Paxson and M. Waidner, editors, IEEE Symposium on Security and Privacy, pages 81--95, Washington, DC, USA, May 2005. Computer Society.
[3]
M. Bellare and P. Rogaway. Optimal asymmetric encryption. In A. De Santis, editor, Advances in Cryptology . EUROCRYPT, volume 950 of Lecture Notes in Computer Science, pages 92--111, Perugia, Italy, May 1994.
[4]
J. Boyar, K. Friedl, and C. Lund. Practical zero-knowledge proofs: Giving hints and using deficiencies. Journal of Cryptology, 4(3):185--206, Jan. 1991.
[5]
I. Damgård and M. Jurik. A generalisation, a simplification and some applications of Paillier's probabilistic public-key system. In K. Kim, editor, Workshop on Practice and Theory in Public Key Cryptography, volume 1992 of Lecture Notes in Computer Science, pages 119--136, Cheju Island, Korea, Feb. 2001.
[6]
J. DeTreville. Binder, a logic-based security language. In M. Abadi and S. M. Bellovin, editors, IEEE Symposium on Security and Privacy, pages 105--113, Oakland, CA, USA, May 2002.
[7]
S. M. Eikenberry and J. P. Sorenson. Efficient algorithms for computing the Jacobi symbol. Journal of Symbolic Computation, 26(4):509--523, 1998.
[8]
J. Furukawa and K. Sako. An efficient scheme for proving a shuffle. In J. Kilian, editor, Advances in Cryptology (CRYPTO), volume 2139 of Lecture Notes in Computer Science, pages 368--387, Santa Barbara, CA, USA, Aug. 2001.
[9]
S. Goldwasser and S. Micali. Probabilistic encryption and how to play mental poker keeping secret all partial information. In H. R. Lewis, editor, ACM Symposium on Theory of Computing, pages 365--377, San Francisco, CA, May 1982.
[10]
S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28(2):270--299, 1984.
[11]
P. Golle and D. Boneh. Almost entirely correct mixing with applications to voting. In R. Sandhu, editor, 9th ACM Conference on Communications and Computer Security, pages 68--77, Washington, DC, Oct. 2002.
[12]
M. Jakobsson, A. Juels, and R. Rivest. Making mix nets robust for electronic voting by randomized partial checking. In D. Boneh, editor, USENIX Security Symposium, pages 339--353, San Francisco, CA, Aug. 2002.
[13]
T. Jim. SD3: A trust management system with certified evaluation. In R. Needham and M. Abadi, editors, IEEE Symposium on Security and Privacy, pages 106--115, Berkeley, CA, May 2001. Society.
[14]
A. Juels and J. Guajardo. RSA key generation with verifiable randomness. In D. Naccache and P. Paillier, editors, Workshop on Practice and Theory in Public Key Cryptosystems, volume 2274 of Lecture Notes in Computer Science, pages 261--285, Paris, France, Feb. 2002.
[15]
E. Kushilevitz and R. Ostrovsky. Replication is not needed: Single database, computationally-private information retrieval. In Symposium on Foundations of Computer Science, Miami Beach, FL, Oct. 1997.
[16]
J. Massey and J. Omura. A new multiplicative algorithm over finite fields and its applicability in public key cryptography. Presented at the rump session of EUROCRYPT, Mar. 1983.
[17]
K. Minami and D. Kotz. Secure context-sensitive authorization. Journal of Pervasive and Mobile Computing, 1(1):123--156, Mar. 2005.
[18]
K. Minami and D. Kotz. Secure context-sensitive authorization. In K. Nahrstedt, editor, IEEE International Conference on Pervasive Computing and Communications, pages 257--268, Kauai, HI, Mar. 2005.
[19]
C. A. Neff. A verifiable secret shuffle and its applications to e-voting. In P. Samarati, editor, 8th ACM conference on Computer and Communications Security, pages 116--125, Philadelphia, PA, Oct. 2001.
[20]
S. C. Pohlig and M. E. Hellman. An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Transactions on Information Theory, 24(1):106--110, Jan. 1978.
[21]
A. Shamir. How to share a secret. Communications of the ACM, 22:612--613, 1979.
[22]
J. van de Graaf and R. Peralta. A simple and secure way to show the validity of your public key. In C. Pomerance, editor, Advances in Cryptology . CRYPTO, volume 293 of Lecture Notes in Computer Science, pages 128--134, Santa Barbara, CA, Aug. 1987.
[23]
S. A. Weis. New Foundations for Efficient Authentication, Commutative Cryptography, and Private Disjointness Testing. PhD thesis, Massachusetts Institute of Technology, May 2006.
[24]
M. Winslett, C. C. Zhang, and P. A. Bonatti. PeerAccess: A logic for distributed authorization. In C. Meadows, editor, 12th ACM Conference on Computer and Communications Security, pages 168--179, Alexandria, VA, USA, 2005.
Index Terms
- Single-bit re-encryption with applications to distributed proof systems
Recommendations
Chosen-ciphertext secure proxy re-encryption
CCS '07: Proceedings of the 14th ACM conference on Computer and communications securityIn a proxy re-encryption (PRE) scheme, a proxy is given special information that allows it to translate a ciphertext under one key into a ciphertext of the same message under a different key. The proxy cannot, however, learn anything about the messages ...
A Hybrid Scheme of Public-Key Encryption and Somewhat Homomorphic Encryption
We introduce a hybrid homomorphic encryption that combines public-key encryption (PKE) and somewhat homomorphic encryption (SHE) to reduce the storage requirements of most somewhat or fully homomorphic encryption (FHE) applications. In this model, ...
Secure Content Distribution Using Multi-hop Proxy Re-encryption
A proxy re-encryption (PRE) scheme allows a semi-trusted proxy to convert a ciphertext intended for some recipient, say Alice, into another ciphertext which can only be decrypted by the other designated one, say Bob. It is required that the semi-trusted ...
Comments
Information & Contributors
Information
Published In
Copyright © 2007 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 29 October 2007
Check for updates
Author Tags
Qualifiers
- Article
Conference
CCS07: 14th ACM Conference on Computer and Communications Security 2007
October 29, 2007
Virginia, Alexandria, USA
Acceptance Rates
Overall Acceptance Rate 106 of 355 submissions, 30%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 167Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in