Paper 2020/622

The Direction of Updatable Encryption does not Matter Much

Yao Jiang

Abstract

Updatable encryption schemes allow for key rotation on ciphertexts. A client outsourcing storage of encrypted data to a cloud server can change its encryption key. The cloud server can update the stored ciphertexts to the new key using only a token provided by the client. This paper solves two open problems in updatable encryption, that of uni-directional vs. bi-directional updates, and post-quantum security. The main result in this paper is to analyze the security notions based on uni- and bi-directional updates. Surprisingly, we prove that uni- and bi-directional variants of each security notion are equivalent. The second result in this paper is to provide a new and efficient updatable encryption scheme based on the Decisional Learning with Error assumption. This gives us post-quantum security. Our scheme is bi-directional, but because of our main result, this is sufficient.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in ASIACRYPT 2020
DOI
10.1007/978-3-030-64840-4_18
Keywords
updatable encryptioncloud storagekey rotationlattice-based cryptographypost-quantum cryptography
Contact author(s)
yao jiang @ ntnu no
History
2021-06-20: last of 3 revisions
2020-05-28: received
See all versions
Short URL
https://ia.cr/2020/622
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/622,
      author = {Yao Jiang},
      title = {The Direction of Updatable Encryption does not Matter Much},
      howpublished = {Cryptology ePrint Archive, Paper 2020/622},
      year = {2020},
      doi = {10.1007/978-3-030-64840-4_18},
      note = {\url{https://eprint.iacr.org/2020/622}},
      url = {https://eprint.iacr.org/2020/622}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.