{"title":"Conditional Encryption with Applications to Secure Personalized Password Typo Correction","authors":"Mohammad Hassan Ameri, Jeremiah Blocki","doi":"arxiv-2409.06128","DOIUrl":null,"url":null,"abstract":"We introduce the notion of a conditional encryption scheme as an extension of\npublic key encryption. In addition to the standard public key algorithms\n($\\mathsf{KG}$, $\\mathsf{Enc}$, $\\mathsf{Dec}$) for key generation, encryption\nand decryption, a conditional encryption scheme for a binary predicate $P$ adds\na new conditional encryption algorithm $\\mathsf{CEnc}$. The conditional\nencryption algorithm $c=\\mathsf{CEnc}_{pk}(c_1,m_2,m_3)$ takes as input the\npublic encryption key $pk$, a ciphertext $c_1 = \\mathsf{Enc}_{pk}(m_1)$ for an\nunknown message $m_1$, a control message $m_2$ and a payload message $m_3$ and\noutputs a conditional ciphertext $c$. Intuitively, if $P(m_1,m_2)=1$ then the\nconditional ciphertext $c$ should decrypt to the payload message $m_3$. On the\nother hand if $P(m_1,m_2) = 0$ then the ciphertext should not leak any\ninformation about the control message $m_2$ or the payload message $m_3$ even\nif the attacker already has the secret decryption key $sk$. We formalize the\nnotion of conditional encryption secrecy and provide concretely efficient\nconstructions for a set of predicates relevant to password typo correction. Our\npractical constructions utilize the Paillier partially homomorphic encryption\nscheme as well as Shamir Secret Sharing. We prove that our constructions are\nsecure and demonstrate how to use conditional encryption to improve the\nsecurity of personalized password typo correction systems such as TypTop. We\nimplement a C++ library for our practically efficient conditional encryption\nschemes and evaluate the performance empirically. We also update the\nimplementation of TypTop to utilize conditional encryption for enhanced\nsecurity guarantees and evaluate the performance of the updated implementation.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":"44 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.06128","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
We introduce the notion of a conditional encryption scheme as an extension of
public key encryption. In addition to the standard public key algorithms
($\mathsf{KG}$, $\mathsf{Enc}$, $\mathsf{Dec}$) for key generation, encryption
and decryption, a conditional encryption scheme for a binary predicate $P$ adds
a new conditional encryption algorithm $\mathsf{CEnc}$. The conditional
encryption algorithm $c=\mathsf{CEnc}_{pk}(c_1,m_2,m_3)$ takes as input the
public encryption key $pk$, a ciphertext $c_1 = \mathsf{Enc}_{pk}(m_1)$ for an
unknown message $m_1$, a control message $m_2$ and a payload message $m_3$ and
outputs a conditional ciphertext $c$. Intuitively, if $P(m_1,m_2)=1$ then the
conditional ciphertext $c$ should decrypt to the payload message $m_3$. On the
other hand if $P(m_1,m_2) = 0$ then the ciphertext should not leak any
information about the control message $m_2$ or the payload message $m_3$ even
if the attacker already has the secret decryption key $sk$. We formalize the
notion of conditional encryption secrecy and provide concretely efficient
constructions for a set of predicates relevant to password typo correction. Our
practical constructions utilize the Paillier partially homomorphic encryption
scheme as well as Shamir Secret Sharing. We prove that our constructions are
secure and demonstrate how to use conditional encryption to improve the
security of personalized password typo correction systems such as TypTop. We
implement a C++ library for our practically efficient conditional encryption
schemes and evaluate the performance empirically. We also update the
implementation of TypTop to utilize conditional encryption for enhanced
security guarantees and evaluate the performance of the updated implementation.