{"title":"半直接产品上加密协议的构造","authors":"Shuji Isobe, E. Koizumi","doi":"10.1515/jmc-2022-0018","DOIUrl":null,"url":null,"abstract":"Abstract In CANDARW ’18, Isobe et al. proposed a secure encryption protocol on non-abelian groups based on the Anshel–Anshel–Goldfeld key exchange protocol. There have remained two weak points on the protocol: one is that the protocol is indistinguishable against adaptive chosen ciphertext attack (IND-CCA) in a slightly restricted sense, what they call IND-rCCA secure, and the other is that the conditions imposed on groups and hashing schemes are too strict to make the protocol practical. In this article, we propose an IND-CCA secure protocol that resolves those problems. The key idea is to employ some specific semidirect product as platform groups, so that we can achieve the exact IND-CCA security from concise conditions on groups and hashing schemes. Our protocol is not dependent on any computational assumptions on abelian subgroups.","PeriodicalId":43866,"journal":{"name":"Journal of Mathematical Cryptology","volume":" ","pages":""},"PeriodicalIF":0.5000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A construction of encryption protocols over some semidirect products\",\"authors\":\"Shuji Isobe, E. Koizumi\",\"doi\":\"10.1515/jmc-2022-0018\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract In CANDARW ’18, Isobe et al. proposed a secure encryption protocol on non-abelian groups based on the Anshel–Anshel–Goldfeld key exchange protocol. There have remained two weak points on the protocol: one is that the protocol is indistinguishable against adaptive chosen ciphertext attack (IND-CCA) in a slightly restricted sense, what they call IND-rCCA secure, and the other is that the conditions imposed on groups and hashing schemes are too strict to make the protocol practical. In this article, we propose an IND-CCA secure protocol that resolves those problems. The key idea is to employ some specific semidirect product as platform groups, so that we can achieve the exact IND-CCA security from concise conditions on groups and hashing schemes. Our protocol is not dependent on any computational assumptions on abelian subgroups.\",\"PeriodicalId\":43866,\"journal\":{\"name\":\"Journal of Mathematical Cryptology\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2023-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Mathematical Cryptology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1515/jmc-2022-0018\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Mathematical Cryptology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/jmc-2022-0018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
A construction of encryption protocols over some semidirect products
Abstract In CANDARW ’18, Isobe et al. proposed a secure encryption protocol on non-abelian groups based on the Anshel–Anshel–Goldfeld key exchange protocol. There have remained two weak points on the protocol: one is that the protocol is indistinguishable against adaptive chosen ciphertext attack (IND-CCA) in a slightly restricted sense, what they call IND-rCCA secure, and the other is that the conditions imposed on groups and hashing schemes are too strict to make the protocol practical. In this article, we propose an IND-CCA secure protocol that resolves those problems. The key idea is to employ some specific semidirect product as platform groups, so that we can achieve the exact IND-CCA security from concise conditions on groups and hashing schemes. Our protocol is not dependent on any computational assumptions on abelian subgroups.