Tightly CCA-Secure Encryption without Pairings

Paper 2016/094

Tightly CCA-Secure Encryption without Pairings

Romain Gay, Dennis Hofheinz, Eike Kiltz, and Hoeteck Wee

Abstract

We present the first CCA-secure public-key encryption scheme based on DDH where the security loss is independent of the number of challenge ciphertexts and the number of decryption queries. Our construction extends also to the standard k-Lin assumption in pairing-free groups, whereas all prior constructions starting with Hofheinz and Jager (Crypto ’12) rely on the use of pairings. Moreover, our construction improves upon the concrete efficiency of existing schemes, reducing the ciphertext overhead by about half (to only 3 group elements under DDH), in addition to eliminating the use of pairings. We also show how to use our techniques in the NIZK setting. Specifically, we construct the first tightly simulation-sound designated-verifier NIZK for linear languages without pairings. Using pairings, we can turn our construction into a highly optimized publicly verifiable NIZK with tight simulation-soundness.

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in EUROCRYPT 2016
Keywords
public-key encryptionCCA securitytightness
Contact author(s)
rgay @ di ens fr
History
2016-05-02: last of 8 revisions
2016-02-02: received
See all versions
Short URL
https://ia.cr/2016/094
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/094,
      author = {Romain Gay and Dennis Hofheinz and Eike Kiltz and Hoeteck Wee},
      title = {Tightly {CCA}-Secure Encryption without Pairings},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/094},
      year = {2016},
      url = {https://eprint.iacr.org/2016/094}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.