Efficient and Non-malleable Proofs of Plaintext Knowledge and Applications

نویسنده

  • Jonathan Katz
چکیده

We describe very efficient protocols for non-malleable (interactive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El-Gamal encryption schemes whose security can be proven in the standard model. We also highlight some important applications of these protocols, where we take care to ensure that our protocols remain secure when run in an asynchronous, concurrent environment: • Chosen-ciphertext-secure, interactive encryption. In some settings where both parties are on-line (e.g., SSL), an interactive encryption protocol may be used. We construct chosen-ciphertext-secure interactive encryption schemes based on any of the schemes above. In each case, the improved scheme requires only a small overhead beyond the original, semantically-secure scheme. • Password-based authenticated key exchange. We provide efficient protocols for password-based authenticated key exchange in the public-key model [27, 5]. Security of our protocols may be based on any of the cryptosystems mentioned above. • Deniable authentication. We demonstrate deniable authentication protocols satisfying the strongest notion of security. These are the first efficient constructions based on, e.g., the RSA or computational Diffie-Hellman assumptions. Our techniques provide a general methodology for constructing efficient non-malleable (zero-knowledge) proofs of knowledge when shared parameters are available (for our intended applications, these parameters can simply be included as part of users’ public keys). Thus, non-malleable proofs of knowledge are easy to achieve “in practice”.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Efficient and Non-Malleable Proofs of Plaintext

We describe efficient protocols for non-malleable (interactive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El Gamal encryption schemes. We also highlight some important applications of these protocols: – Chosen-ciphertext-secure, interactive encryption. In settings where both parties are on-line, an interactive encryption protocol may be used. We construct chosen-ciphertext...

متن کامل

A new security proof for FMNV continuous non-malleable encoding scheme

A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...

متن کامل

Zero-knowledge proofs in theory and practice

Zero-knowledge proof schemes are one of the main building blocks of modern cryptography. Using the Helios voting protocol as a practical example, we show mistakes in the previous understanding of these proof schemes and the resulting security problems. We proceed to deVne a hierarchy of security notions that solidiVes our understanding of proof schemes: weak proof schemes, strong proof schemes ...

متن کامل

4-Round Concurrent Non-Malleable Commitments

The round complexity of non-malleable commitments and non-malleable zero knowledge arguments has been an open question for long time. Very recent results of Pass [TCC 2013] and of Goyal et al. [FOCS 2014, STOC 2016], gave almost definitive answers. In this work we show how to construct round-efficient non-malleable protocols via compilers. Starting from protocols enjoying limited non-malleabili...

متن کامل

From Single-Bit to Multi-bit Public-Key Encryption via Non-malleable Codes

One approach towards basing public-key encryption (PKE) schemes on weak and credible assumptions is to build “stronger” or more general schemes generically from “weaker” or more restricted ones. One particular line of work in this context was initiated by Myers and shelat (FOCS ’09) and continued by Hohenberger, Lewko, and Waters (Eurocrypt ’12), who provide constructions of multi-bit CCA-secur...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2002