Public-Key Encryption with Lazy Parties
نویسنده
چکیده
In a public-key encryption scheme, if a sender is not concerned about the security of a message and is unwilling to generate costly randomness, the security of the encrypted message can be compromised. This is caused by the laziness of the sender. In this work, we characterize lazy parties in cryptography. Lazy parties are regarded as honest parties in a protocol, but they are not concerned about the security of the protocol in a certain situation. In such a situation, they behave in an honest-looking way, and are unwilling to do a costly task. We study, in particular, public-key encryption with lazy parties. Specifically, as the first step toward understanding the behavior of lazy parties in public-key encryption, we consider a rather simple setting in which the costly task is to generate randomness used in algorithms, and parties can choose either costly good randomness or cheap bad randomness. We model lazy parties as rational players who behaves rationally to maximize their utilities, and define a security game between lazy parties and an adversary. A secure encryption scheme requires that the game is conducted by lazy parties in a secure way if they follow a prescribed strategy, and the prescribed strategy is a good equilibrium solution for the game. Since a standard secure encryption scheme does not work for lazy parties, we present some public-key encryption schemes that are secure for lazy parties.
منابع مشابه
Achieving Fine-grained Access Control and Integrity Auditing in Cloud Storage ⋆
Attributes based encryption (ABE) can achieve flexible and scalable access control and gurantee the confidentiality of the data stored in the cloud. However, important issues such as efficient user revocation and fine-grained access control are not straightforward, which constrain the adoption of ABE in cloud storage systems.Our proposed scheme realizes fine-grained read and write access contro...
متن کاملAdaptively-Secure, Non-interactive Public-Key Encryption
Adaptively-secure encryption schemes ensure secrecy even in the presence of an adversary who can corrupt parties in an adaptive manner based on public keys, ciphertexts, and secret data of alreadycorrupted parties. Ideally, an adaptively-secure encryption scheme should, like standard public-key encryption, allow arbitrarily-many parties to use a single encryption key to securely encrypt arbitra...
متن کاملTwo Party RSA Key Generation
We present a protocol for two parties to generate an RSA key in a distributed manner. At the end of the protocol the public key: a modulus N = PQ, and an encryption exponent e are known to both parties. Individually, neither party obtains information about the decryption key d and the prime factors of N : P and Q. However, d is shared among the parties so that threshold decryption is possible.
متن کاملTwo Party RSA Key Generation
We present a protocol for two parties to generate an RSA key in a distributed manner. At the end of the protocol the public key: a modulus N = PQ, and an encryption exponent e are known to both parties. Individually, neither party obtains information about the decryption key d and the prime factors of N : P and Q. However, d is shared among the parties so that threshold decryption is possible.
متن کاملTwo Party RSA Key Generation ( Extended
We present a protocol for two parties to generate an RSA key in a distributed manner. At the end of the protocol the public key: a modulus N = PQ, and an encryption exponent e are known to both parties. Individually, neither party obtains information about the decryption key d and the prime factors of N : P and Q. However, d is shared among the parties so that threshold decryption is possible.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEICE Transactions
دوره 99-A شماره
صفحات -
تاریخ انتشار 2012