[PDF] Top 20 Identity-Based Encryption Secure Against Selective Opening Chosen-Ciphertext Attack

... target identity. It was not until 2011 that the question how to build SOA-secure IBE was answered by Bellare et ...IND-ID-CPA secure and “One-Sided Publicly Openable” (1SPO) IBE ...one based ... See full document

... key encryption (PKE) [ CDNO97 ] ...IBE based on Boyen and Waters’s anonymous IBE [ BW06 ] and De Caro, Iovino and Persiano’s anonymous IBE [ DCIP10 ] , which is further based on Lewko and Waters’ IBE ... See full document

... are chosen independently, the openness of some secret keys and decryption answers has no influence on secret keys un- ...reduction, encryption answers can be transformed to be invalid in one shot from the ... See full document

... challenge ciphertext is refused by the decryption oracle and the leakage oracle stops working after the generation of the challenge ciphertext, the notion becomes leakage-resilient security against ... See full document

... tightly secure IBE ...challenge ciphertext, and none of them provide security against chosen-ciphertext ...Furthermore, chosen-ciphertext security guarantees security even ... See full document

... searchable encryption, the cloud providers always receive some search tokens from different authorities and each of them is generated for a special ...guessing attack (KGA). Byun, for the first time, ... See full document

... and identity based ...certificateless encryption Certificateless signatures and certificateless ...the identity to guarantee that every user in the system has one public/private key pair, the ... See full document

... an identity-based scheme with efficient user revocation ...cost based on a binary tree data structure and it is resis- tance against chosen-ciphertext ...the selective-ID ... See full document

... under chosen-ciphertext ...public-key encryption scheme fully IND-CCA-secure under the factoring assumption was then discovered by Dolev, Dwork and Naor a few years later ...factoring- ... See full document

... master-key selective opening security (mSO) for identity- based encryption (IBE), which focuses on IBE in the setting of multiple private key generators [34, ...master-key ... See full document

... for ciphertext constant testability Suppose that Π is a HAE which is not necessarily ciphertext constant ...is based on the Merkle hash tree technique used by Gennaro and Wichs ... See full document

... simulation-based selective open- ing (SIM-SO) security and indistinguishability-based selective opening (IND-SO) ...of encryption named lossy encryption, and lossy ... See full document

... Abstract: Recently, Fang et al. [6] introduced an interactive(bidirectional) conditional proxy re-encryption(C-PRE) scheme such that a proxy can only convert ciphertexts that satisfy access policy set by a ... See full document

... schemes against freezing attacks, where it is possible to measure a significant fraction of secret key bits if the secret key is stored in the part of memory which can be accessed even after power is turned off ... See full document

... paper, based on Simon’s algorithm, we first formalize a sufficient condition of a quantum distinguisher against block ciphers so that it works even if there are multiple collisions other than the real ... See full document

... the ciphertext-policy AB-KEM (CP-AB-KEM) this is more ...the identity-based key encapsulation mechanism (IB-KEM) of [KG09], the redundancy consists of a single group element based on a hash of ... See full document

... an identity key in addition to their attribute key shares. The identity keys are generated by a data owner using a secret sharing ...the ciphertext in the way such that only non-revoked users with ... See full document

... the encryption policy is described in the keys, so the encrypted does not have entire control over the encryption ...are- encryption occurs, all of the users in the same system must have their ... See full document

... Exponentiation in a multiplicative group (or scalar multiplication in an elliptic curve group) of large order involves hundreds or even thousands of low-level arithmetic operations such as modular multiplication. ... See full document

... indistinguishability against quantum chosen-ciphertext attacks (IND-qCCA se- curity) of key-encapsulation mechanisms (KEMs) in quantum random oracle model ...public-key encryption scheme into ... See full document