Structure-Preserving Chosen-Ciphertext Security with Shorter Verifiable Ciphertexts

Structure-preserving cryptography is a world where messages, signatures, ciphertexts and public keys are entirely made of elements of a group over which a bilinear map is efficiently computable. While structure-preserving signatures have received much attention the last 6 years, structure-preserving encryption schemes have undergone slower development. In particular, the best known structure-preserving cryptosystems with chosen-ciphertext (IND-CCA2) security either rely on symmetric pairings or require long ciphertexts comprised of hundreds of group elements or do not provide publicly verifiable ciphertexts. We provide a publicly verifiable construction based on the SXDH assumption in asymmetric bilinear groups e : G× Ĝ→ GT , which features relatively short ciphertexts. For typical parameters, our ciphertext size amounts to less than 40 elements of G. As a second contribution, we provide a structure-preserving encryption scheme with perfectly randomizable ciphertexts and replayable chosen-ciphertext security. Our new RCCAsecure system significantly improves upon the best known system featuring similar properties in terms of ciphertext size.