Public-Key Encryption in the Bounded-Retrieval Model
We construct the first public-key encryption scheme in the Bounded-Retrieval Model (BRM), providing security against various forms of adversarial “key leakage” attacks. In this model, the adversary is allowed to learn arbitrary information about the decryption key, subject only to the constraint tha...
| Published in | Advances in Cryptology – EUROCRYPT 2010 pp. 113 - 134 |
|---|---|
| Main Authors | Alwen, Joël; Dodis, Yevgeniy; Naor, Moni; Segev, Gil; Walfish, Shabsi; Wichs, Daniel |
| Format | Book Chapter |
| Language | English |
| Published | Berlin, Heidelberg: Springer Berlin Heidelberg, 2010 |
| Series | Lecture Notes in Computer Science |
| ISBN | 9783642131899, 3642131891 |
| ISSN | 0302-9743, 1611-3349 |
| DOI | 10.1007/978-3-642-13190-5_6 |
| Abstract | We construct the first public-key encryption scheme in the Bounded-Retrieval Model (BRM), providing security against various forms of adversarial “key leakage” attacks. In this model, the adversary is allowed to learn arbitrary information about the decryption key, subject only to the constraint that the overall amount of “leakage” is bounded by at most ℓ bits. The goal of the BRM is to design cryptographic schemes that can flexibly tolerate arbitrary leakage bounds ℓ (few bits or many Gigabytes), by only increasing the size of secret key proportionally, but keeping all the other parameters — including the size of the public key, ciphertext, encryption/decryption time, and the number of secret-key bits accessed during decryption — small and independent of ℓ.
As our main technical tool, we introduce the concept of an Identity-Based Hash Proof System (IB-HPS), which generalizes the notion of hash proof systems of Cramer and Shoup [CS02] to the identity-based setting. We give three different constructions of this primitive based on: (1) bilinear groups, (2) lattices, and (3) quadratic residuosity. As a result of independent interest, we show that an IB-HPS almost immediately yields an Identity-Based Encryption (IBE) scheme which is secure against (small) partial leakage of the target identity’s decryption key. As our main result, we use IB-HPS to construct public-key encryption (and IBE) schemes in the Bounded-Retrieval Model. | 
    
|---|---|
| Author | Dodis, Yevgeniy; Alwen, Joël; Naor, Moni; Segev, Gil; Wichs, Daniel; Walfish, Shabsi |
    
| Author_xml | 1. Alwen, Joël (jalwen@cs.nyu.edu), New York University (NYU), New York, USA; 2. Dodis, Yevgeniy (dodis@cs.nyu.edu), New York University (NYU), New York, USA; 3. Naor, Moni (moni.naor@weizmann.ac.il), Weizmann Institute of Science, Rehovot, Israel; 4. Segev, Gil (gil.segev@weizmann.ac.il), Weizmann Institute of Science, Rehovot, Israel; 5. Walfish, Shabsi (shabsi@google.com), Google Inc., Mountain View, USA; 6. Wichs, Daniel (wichs@cs.nyu.edu), New York University (NYU), New York, USA |
    
| ContentType | Book Chapter | 
    
| Copyright | Springer-Verlag Berlin Heidelberg 2010 | 
    
| Discipline | Computer Science | 
    
| EISBN | 3642131905 9783642131905  | 
    
| EISSN | 1611-3349 | 
    
| Editor | Gilbert, Henri | 
    
| Editor_xml | 1. Gilbert, Henri (henri.gilbert@orange-ftgroup.com) |
    
| EndPage | 134 | 
    
| IsDoiOpenAccess | true | 
    
| IsOpenAccess | true | 
    
| IsPeerReviewed | false | 
    
| IsScholarly | false | 
    
| OpenAccessLink | https://proxy.k.utb.cz/login?url=https://link.springer.com/content/pdf/10.1007/978-3-642-13190-5_6.pdf | 
    
| PageCount | 22 | 
    
| PublicationSubtitle | 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30 – June 3, 2010. Proceedings | 
    
| RelatedPersons | Kleinberg, Jon M.; Mattern, Friedemann; Nierstrasz, Oscar; Steffen, Bernhard; Kittler, Josef; Vardi, Moshe Y.; Weikum, Gerhard; Sudan, Madhu; Naor, Moni; Mitchell, John C.; Terzopoulos, Demetri; Pandu Rangan, C.; Kanade, Takeo; Hutchison, David; Tygar, Doug |
    
| RelatedPersons_xml | 1. Hutchison, David, Lancaster University, Lancaster, UK; 2. Kanade, Takeo, Carnegie Mellon University, Pittsburgh, USA; 3. Kittler, Josef, University of Surrey, Guildford, UK; 4. Kleinberg, Jon M., Cornell University, Ithaca, USA; 5. Mattern, Friedemann, ETH Zurich, Zurich, Switzerland; 6. Mitchell, John C., Stanford University, Stanford, USA; 7. Naor, Moni, Weizmann Institute of Science, Rehovot, Israel; 8. Nierstrasz, Oscar, University of Bern, Bern, Switzerland; 9. Pandu Rangan, C., Indian Institute of Technology, Madras, India; 10. Steffen, Bernhard, University of Dortmund, Dortmund, Germany; 11. Sudan, Madhu, Massachusetts Institute of Technology, USA; 12. Terzopoulos, Demetri, University of California, Los Angeles, USA; 13. Tygar, Doug, University of California, Berkeley, USA; 14. Vardi, Moshe Y., Rice University, Houston, USA; 15. Weikum, Gerhard, Max-Planck Institute of Computer Science, Saarbrücken, Germany |
    
| StartPage | 113 | 
    
| SubjectTerms | Ciphertext Size; Learn With Error; Random Oracle; Relative Leakage; Security Parameter |
    
| URI | http://link.springer.com/10.1007/978-3-642-13190-5_6 https://link.springer.com/content/pdf/10.1007/978-3-642-13190-5_6.pdf  | 
    