ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

CCA-secure Predicate Encryption from Pair Encoding in Prime Order Groups: Generic and Efficient

Chatterjee, Sanjit and Mukherjee, Sayantan and Pandit, Tapas (2017) CCA-secure Predicate Encryption from Pair Encoding in Prime Order Groups: Generic and Efficient. In: 18th International Conference on Cryptology in India, INDOCRYPT 2017, 10 December - 13 December 2017, Chennai, pp. 85-106.

[img] PDF
lec_not_com_sci_10698_85-106_2017.pdf - Published Version
Restricted to Registered users only
Download (547kB) | Request a copy
Official URL: https://doi.org/10.1007/978-3-319-71667-1_5

Abstract

Attrapadung (Eurocrypt 2014) proposed a generic framework called pair encoding to simplify the design and proof of security of CPA-secure predicate encryption (PE) in composite order groups. Later Attrapadung (Asiacrypt 2016) extended this idea in prime order groups. Yamada et al. (PKC 2011, PKC 2012) and Nandi et al. (ePrint Archive: 2015/457, AAECC 2017) proposed generic conversion frameworks to achieve CCA-secure PE from CPA-secure PE provided the encryption schemes have properties like delegation or verifiability. The delegation property is harder to achieve and verifiability based conversion degrades the decryption performance due to a large number of additional pairing evaluations. Blömer et al. (CT-RSA 2016) proposed a direct fully CCA-secure predicate encryption in composite order groups but it was less efficient as it needed a large number of pairing evaluations to check ciphertext consistency. As an alternative, Nandi et al. (ePrint Archive: 2015/955) proposed a direct conversion technique in composite order groups. We extend the direct conversion technique of Nandi et al. in the prime order groups on the CPA-secure PE construction by Attrapadung (Asiacrypt 2016) and prove our scheme to be CCA-secure in a quite different manner. Our first direct CCA-secure predicate encryption scheme requires exactly one additional ciphertext component and three additional units of pairing evaluation during decryption. The second construction requires exactly three additional ciphertext components but needs only one additional unit pairing evaluation during decryption. This is a significant improvement over conventional approach for CPA-to-CCA conversion in prime order groups.

Item Type: Conference Paper
Series.: Lecture Notes in Computer Science
Publisher: Springer Verlag
Additional Information: The Copyright of this article belongs to the Springer Verlag
Keywords: Aluminum; Encoding (symbols); Security of data; Signal encoding; Composite-order groups; Conventional approach; Direct conversion; Encryption schemes; Generic frameworks; Predicate encryptions; Prime orders; Verifiability; Cryptography
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 26 May 2022 04:35
Last Modified: 30 May 2022 05:44
URI: https://eprints.iisc.ac.in/id/eprint/72611

Actions (login required)

View Item View Item
Powered by EPrints A service from The J.R.D. Tata Memorial Library Indian Institute of Science, Bengaluru-560012, India