Verifiable Encryption from MPC-in-the-Head

IACR Cryptol. ePrint Arch. Pub Date : 2024-04-09 DOI:10.62056/a3wa3zl7s

Akira Takahashi, Greg Zaverucha

{"title":"Verifiable Encryption from MPC-in-the-Head","authors":"Akira Takahashi, Greg Zaverucha","doi":"10.62056/a3wa3zl7s","DOIUrl":null,"url":null,"abstract":"Verifiable encryption (VE) is a protocol where one can provide assurance that an encrypted plaintext satisfies certain properties, or relations. It is an important building block in cryptography with many useful applications, such as key escrow, group signatures, optimistic fair exchange, and others. However, the majority of previous VE schemes are restricted to instantiation with specific public-key encryption schemes or relations. In this work, we propose a novel framework that realizes VE protocols using zero-knowledge proof systems based on the MPC-in-the-head paradigm (Ishai et al. STOC 2007). Our generic compiler can turn a large class of zero-knowledge proofs into secure VE protocols for any secure public-key encryption scheme with the undeniability property, a notion that essentially guarantees binding of encryption when used as a commitment scheme. Our framework is versatile: because the circuit proven by the MPC-in-the-head prover is decoupled from a complex encryption function, the work of the prover is focused on proving the encrypted data satisfies the relation, not the proof of plaintext knowledge. Hence, our approach allows for instantiation with various combinations of properties about the encrypted data and encryption functions. We then consider concrete applications, to demonstrate the efficiency of our framework, by first giving a new approach and implementation to verifiably encrypt discrete logarithms in any prime order group more efficiently than was previously known. Then we give the first practical verifiable encryption scheme for AES keys with post-quantum security, along with an implementation and benchmarks.","PeriodicalId":508905,"journal":{"name":"IACR Cryptol. ePrint Arch.","volume":"61 5","pages":"1704"},"PeriodicalIF":0.0000,"publicationDate":"2024-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Cryptol. ePrint Arch.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.62056/a3wa3zl7s","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

Verifiable encryption (VE) is a protocol where one can provide assurance that an encrypted plaintext satisfies certain properties, or relations. It is an important building block in cryptography with many useful applications, such as key escrow, group signatures, optimistic fair exchange, and others. However, the majority of previous VE schemes are restricted to instantiation with specific public-key encryption schemes or relations. In this work, we propose a novel framework that realizes VE protocols using zero-knowledge proof systems based on the MPC-in-the-head paradigm (Ishai et al. STOC 2007). Our generic compiler can turn a large class of zero-knowledge proofs into secure VE protocols for any secure public-key encryption scheme with the undeniability property, a notion that essentially guarantees binding of encryption when used as a commitment scheme. Our framework is versatile: because the circuit proven by the MPC-in-the-head prover is decoupled from a complex encryption function, the work of the prover is focused on proving the encrypted data satisfies the relation, not the proof of plaintext knowledge. Hence, our approach allows for instantiation with various combinations of properties about the encrypted data and encryption functions. We then consider concrete applications, to demonstrate the efficiency of our framework, by first giving a new approach and implementation to verifiably encrypt discrete logarithms in any prime order group more efficiently than was previously known. Then we give the first practical verifiable encryption scheme for AES keys with post-quantum security, along with an implementation and benchmarks.

查看原文本刊更多论文

来自 MPC-in-the-Head 的可验证加密技术

可验证加密（VE）是一种可以保证加密明文满足某些属性或关系的协议。它是密码学的一个重要组成部分，有许多有用的应用，如密钥托管、分组签名、乐观公平交换等。然而，以往的大多数 VE 方案都仅限于与特定的公钥加密方案或关系进行实例化。在这项工作中，我们提出了一个新颖的框架，利用基于 MPC-in-the-head 范式（Ishai 等人，STOC 2007）的零知识证明系统实现 VE 协议。我们的通用编译器可以将一大类零知识证明转化为任何具有不可否认性的安全公钥加密方案的安全 VE 协议。我们的框架具有多功能性：由于 "MPC-in-the-head "证明者所证明的电路与复杂的加密函数脱钩，因此证明者的工作重点是证明加密数据满足关系，而不是证明明文知识。因此，我们的方法允许对加密数据和加密函数的各种属性组合进行实例化。然后，我们考虑了具体的应用，以证明我们框架的效率，首先给出了一种新的方法和实现，可以比以前已知的更高效地对任何素阶群中的离散对数进行可验证的加密。然后，我们给出了第一个具有后量子安全性的 AES 密钥实用可验证加密方案，并给出了实现方法和基准。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IACR Cryptol. ePrint Arch.

自引率

0.00%

发文量