A Parametric Family of Attack Models for Proxy Re-encryption
Authors: David Nuñez, Isaac Agudo, Javier López
Published in: 2015 IEEE 28th Computer Security Foundations Symposium, 2015-07-13
DOI: 10.1109/CSF.2015.27 (https://doi.org/10.1109/CSF.2015.27)
Proxy Re-Encryption (PRE) is a type of Public-Key Encryption (PKE) that provides an additional re-encryption functionality. Although PRE is inherently more complex than PKE, attack models for PRE have not been developed further than those inherited from PKE. In this paper we address this gap and define a parametric family of attack models for PRE, based on the availability of both the decryption and re-encryption oracles during the security game. This family enables the definition of a set of intermediate security notions for PRE that ranges from "plain" IND-CPA to "full" IND-CCA. We analyze some relations among these notions of security, and in particular, the separations that arise when the re-encryption oracle leaks re-encryption keys. In addition, we discuss which of these security notions represent meaningful adversarial models for PRE. Finally, we provide an example of a recent "CCA1-secure" scheme from PKC 2014 whose security model does not capture chosen-ciphertext attacks through re-encryption and for which we describe an attack under a more realistic security notion. This attack emphasizes the fact that PRE schemes that leak re-encryption keys cannot achieve strong security notions.