Paper 2016/094
Tightly CCA-Secure Encryption without Pairings
Romain Gay, Dennis Hofheinz, Eike Kiltz, and Hoeteck Wee
Abstract
We present the first CCA-secure public-key encryption scheme based on DDH where the security loss is independent of the number of challenge ciphertexts and the number of decryption queries. Our construction extends also to the standard k-Lin assumption in pairing-free groups, whereas all prior constructions starting with Hofheinz and Jager (Crypto ’12) rely on the use of pairings. Moreover, our construction improves upon the concrete efficiency of existing schemes, reducing the ciphertext overhead by about half (to only 3 group elements under DDH), in addition to eliminating the use of pairings. We also show how to use our techniques in the NIZK setting. Specifically, we construct the first tightly simulation-sound designated-verifier NIZK for linear languages without pairings. Using pairings, we can turn our construction into a highly optimized publicly verifiable NIZK with tight simulation-soundness.
Metadata
- Available format(s)
-
PDF
- Publication info
- A major revision of an IACR publication in EUROCRYPT 2016
- Keywords
- public-key encryptionCCA securitytightness
- Contact author(s)
- rgay @ di ens fr
- History
- 2016-05-02: last of 8 revisions
- 2016-02-02: received
- See all versions
- Short URL
- https://ia.cr/2016/094
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/094,
author = {Romain Gay and Dennis Hofheinz and Eike Kiltz and Hoeteck Wee},
title = {Tightly {CCA}-Secure Encryption without Pairings},
howpublished = {Cryptology {ePrint} Archive, Paper 2016/094},
year = {2016},
url = {https://eprint.iacr.org/2016/094}
}