Paper 2013/690

Obfuscation ==> (IND-CPA Security =/=> Circular Security)

Antonio Marcedone and Claudio Orlandi

Abstract

Circular security is an important notion for public-key encryption schemes and is needed by several cryptographic protocols. In circular security the adversary is given an extra ``hint'' consisting of a cycle of encryption of secret keys i.e., (E_{pk_1}(sk_2),..., E_{pk_n}(sk_1)). A natural question is whether every IND-CPA encryption scheme is also circular secure. It is trivial to see that this is not the case when n=1. In 2010 a separation for n=2 was shown by [ABBC10,GH10] under standard assumptions in bilinear groups. In this paper we finally settle the question showing that for every $n$ there exist an IND-CPA secure scheme which is not n-circular secure. Our result relies on the recent progress in program obfuscation.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. MINOR revision.
Keywords
Circular SecurityRelated Key AttackObfuscation.
Contact author(s)
orlandi @ cs au dk
History
2014-05-02: last of 5 revisions
2013-10-24: received
See all versions
Short URL
https://ia.cr/2013/690
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/690,
      author = {Antonio Marcedone and Claudio Orlandi},
      title = {Obfuscation ==> (IND-CPA Security =/=> Circular Security)},
      howpublished = {Cryptology ePrint Archive, Paper 2013/690},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/690}},
      url = {https://eprint.iacr.org/2013/690}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.