Paper 2020/765

Handling Adaptive Compromise for Practical Encryption Schemes

Joseph Jaeger, University of Washington
Nirvan Tyagi, Cornell University
Abstract

We provide a new definitional framework capturing the multi-user security of encryption schemes and pseudorandom functions in the face of adversaries that can adaptively compromise users' keys. We provide a sequence of results establishing the security of practical symmetric encryption schemes under adaptive compromise in the random oracle or ideal cipher model. The bulk of analysis complexity for adaptive compromise security is relegated to the analysis of lower-level primitives such as pseudorandom functions. We apply our framework to give proofs of security for the BurnBox system for privacy in the face of border searches and the in-use searchable symmetric encryption scheme due to Cash et al. In both cases, prior analyses had bugs that our framework helps avoid.

Note: This update expands the discussion of related work and provides a strengthened definition of equivocable encryption to fix subtle issues in the prior definition.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in CRYPTO 2020
DOI
10.1007/978-3-030-56784-2_1
Keywords
adaptive securityideal modelssearchable symmetric encryption
Contact author(s)
jsjaeger @ cs washington edu
tyagi @ cs cornell edu
History
2023-07-18: revised
2020-06-24: received
See all versions
Short URL
https://ia.cr/2020/765
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/765,
      author = {Joseph Jaeger and Nirvan Tyagi},
      title = {Handling Adaptive Compromise for Practical Encryption Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2020/765},
      year = {2020},
      doi = {10.1007/978-3-030-56784-2_1},
      note = {\url{https://eprint.iacr.org/2020/765}},
      url = {https://eprint.iacr.org/2020/765}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.