Constructing Confidential Channels from Authenticated Channels—Public-Key Encryption Revisited


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2013

AUTHORS

Sandro Coretti , Ueli Maurer , Björn Tackmann

ABSTRACT

The security of public-key encryption (PKE), a widely-used cryptographic primitive, has received much attention in the cryptology literature. Many security notions for PKE have been proposed, including several versions of CPA-security, CCA-security, and non-malleability. These security notions are usually defined via a game that no efficient adversary can win with non-negligible probability or advantage.

If a PKE scheme is used in a larger protocol, then the security of this protocol is proved by showing a reduction of breaking a certain security property of the PKE scheme to breaking the security of the protocol. A major problem is that each protocol requires in principle its own tailor-made security reduction. Moreover, which security notion of the PKE scheme should be used in a given context is a priori not evident; the employed games model the use of the scheme abstractly through oracle access to its algorithms, and the sufficiency for specific applications is neither explicitly stated nor proven.

In this paper we propose a new approach to investigating the application of PKE, based on the constructive cryptography framework [24,25]. The basic use of PKE is to enable confidential communication from a sender A to a receiver B, assuming A is in possession of B’s public key. One can distinguish two relevant cases: The (non-confidential) communication channel from A to B can be authenticated (e.g., because messages are signed) or non-authenticated. The application of PKE is shown to provide the construction of a secure channel from A to B from two (assumed) authenticated channels, one in each direction, or, alternatively, if the channel from A to B is completely insecure, the construction of a confidential channel without authenticity. Composition then means that the assumed channels can either be physically realized or can themselves be constructed cryptographically, and also that the resulting channels can directly be used in any applications that require such a channel. The composition theorem of constructive cryptography guarantees the soundness of this approach, which eliminates the need for separate reduction proofs.

We also revisit several popular game-based security notions (and variants thereof) and give them a constructive semantics by demonstrating which type of construction is achieved by a PKE scheme satisfying which notion. In particular, the necessary and sufficient security notions for the above two constructions to work are CPA-security and a variant of CCA-security, respectively.

PAGES

134-153

Book

TITLE

Advances in Cryptology - ASIACRYPT 2013

ISBN

978-3-642-42032-0
978-3-642-42033-7

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-642-42033-7_8

DOI

http://dx.doi.org/10.1007/978-3-642-42033-7_8

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1005145952



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0802", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computation Theory and Mathematics", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Coretti", 
        "givenName": "Sandro", 
        "id": "sg:person.0756652750.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.0756652750.76"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maurer", 
        "givenName": "Ueli", 
        "id": "sg:person.01316567627.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Tackmann", 
        "givenName": "Bj\u00f6rn", 
        "id": "sg:person.07617171521.69", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07617171521.69"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2013", 
    "datePublishedReg": "2013-01-01", 
    "description": "The security of public-key encryption (PKE), a widely-used cryptographic primitive, has received much attention in the cryptology literature. Many security notions for PKE have been proposed, including several versions of CPA-security, CCA-security, and non-malleability. These security notions are usually defined via a game that no efficient adversary can win with non-negligible probability or advantage. If a PKE scheme is used in a larger protocol, then the security of this protocol is proved by showing a reduction of breaking a certain security property of the PKE scheme to breaking the security of the protocol. A major problem is that each protocol requires in principle its own tailor-made security reduction. Moreover, which security notion of the PKE scheme should be used in a given context is a priori not evident; the employed games model the use of the scheme abstractly through oracle access to its algorithms, and the sufficiency for specific applications is neither explicitly stated nor proven. In this paper we propose a new approach to investigating the application of PKE, based on the constructive cryptography framework [24,25]. The basic use of PKE is to enable confidential communication from a sender A to a receiver B, assuming A is in possession of B\u2019s public key. One can distinguish two relevant cases: The (non-confidential) communication channel from A to B can be authenticated (e.g., because messages are signed) or non-authenticated. The application of PKE is shown to provide the construction of a secure channel from A to B from two (assumed) authenticated channels, one in each direction, or, alternatively, if the channel from A to B is completely insecure, the construction of a confidential channel without authenticity. Composition then means that the assumed channels can either be physically realized or can themselves be constructed cryptographically, and also that the resulting channels can directly be used in any applications that require such a channel. The composition theorem of constructive cryptography guarantees the soundness of this approach, which eliminates the need for separate reduction proofs. We also revisit several popular game-based security notions (and variants thereof) and give them a constructive semantics by demonstrating which type of construction is achieved by a PKE scheme satisfying which notion. In particular, the necessary and sufficient security notions for the above two constructions to work are CPA-security and a variant of CCA-security, respectively.", 
    "editor": [
      {
        "familyName": "Sako", 
        "givenName": "Kazue", 
        "type": "Person"
      }, 
      {
        "familyName": "Sarkar", 
        "givenName": "Palash", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-42033-7_8", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-642-42032-0", 
        "978-3-642-42033-7"
      ], 
      "name": "Advances in Cryptology - ASIACRYPT 2013", 
      "type": "Book"
    }, 
    "keywords": [
      "public key encryption", 
      "security notions", 
      "PKE scheme", 
      "confidential channel", 
      "constructive cryptography framework", 
      "certain security properties", 
      "secure channel", 
      "constructive cryptography", 
      "key encryption", 
      "security properties", 
      "cryptographic primitives", 
      "public key", 
      "efficient adversary", 
      "security reduction", 
      "reduction proofs", 
      "confidential communication", 
      "constructive semantics", 
      "larger protocol", 
      "non-negligible probability", 
      "communication channels", 
      "oracle access", 
      "cryptology literature", 
      "composition theorem", 
      "encryption", 
      "security", 
      "basic use", 
      "specific applications", 
      "scheme", 
      "new approach", 
      "game", 
      "protocol", 
      "cryptography", 
      "applications", 
      "adversary", 
      "primitives", 
      "semantics", 
      "algorithm", 
      "major problem", 
      "communication", 
      "soundness", 
      "framework", 
      "key", 
      "authenticity", 
      "notion", 
      "relevant cases", 
      "channels", 
      "construction", 
      "access", 
      "proof", 
      "version", 
      "advantages", 
      "use", 
      "context", 
      "need", 
      "probability", 
      "principles", 
      "attention", 
      "variants", 
      "direction", 
      "literature", 
      "types", 
      "theorem", 
      "possession", 
      "sufficiency", 
      "cases", 
      "reduction", 
      "properties", 
      "type of construction", 
      "composition", 
      "approach", 
      "problem", 
      "paper"
    ], 
    "name": "Constructing Confidential Channels from Authenticated Channels\u2014Public-Key Encryption Revisited", 
    "pagination": "134-153", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1005145952"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-42033-7_8"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-42033-7_8", 
      "https://app.dimensions.ai/details/publication/pub.1005145952"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:41", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_131.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-642-42033-7_8"
  }
]

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-42033-7_8'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-42033-7_8'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-42033-7_8'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-42033-7_8'



This table displays all metadata directly associated to this object as RDF triples.

155 TRIPLES      23 PREDICATES      99 URIs      91 LITERALS      7 BLANK NODES
