Project : cascade
Section: New Results
New Primitives
Participants : Michel Abdalla, Céline Chevalier, Cécile Delerablée, Georg Fuchsbauer, Malika Izabachène, David Pointcheval, Damien Vergnaud.
Unidirectional chosen-ciphertext secure proxy re-encryption, PKC '08
Tracing malicious proxies in proxy re-encryption, Pairing '08
Multi-use unidirectional proxy re-signatures, ACM CCS '08
Anonymous Proxy Signatures, SCN '08
In 1998, Blaze, Bleumer and Strauss put forth a cryptographic primitive, termed proxy re-encryption, whose goal is to securely enable the translation of ciphertexts from one party to another. In such systems, a proxy transforms a ciphertext computed under Alice's public key into one that can be opened using Bob's secret key, without being able to infer any information on the corresponding plaintext. Recently, the project-team CASCADE has focused its research on delegation of rights: proxy re-encryption, as described above, and proxy signatures, the analogous delegation of signing rights.
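The translation step described above can be made concrete with the ElGamal-based construction of Blaze, Bleumer and Strauss. The following Python code is an added example, not code from the project or from the papers listed; it also shows two known properties of that early scheme (re-encryption keys work in both directions, and a proxy colluding with the delegatee recovers the delegator's key), which is background for the unidirectional and tracing results above. The group parameters P, Q, G, the function names and the sample message are constructed for illustration and are far too small for real use.

```python
import secrets

# Toy group, constructed for this example: P = 2*Q + 1, both prime.
# G = 4 generates the order-Q subgroup of squares mod P. Not secure sizes.
P, Q, G = 2039, 1019, 4

def keygen():
    """Return (sk, pk) with sk in [1, Q-1] and pk = G^sk mod P."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """ElGamal variant: (m * G^r, pk^r). m must be a subgroup element."""
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)

def decrypt(sk, ct):
    """Recover G^r = c2^(1/sk), then divide it out of c1."""
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)
    return (c1 * pow(g_r, -1, P)) % P

def rekey(sk_from, sk_to):
    """Re-encryption key sk_to / sk_from mod Q (needs both secrets)."""
    return (sk_to * pow(sk_from, -1, Q)) % Q

def reencrypt(rk, ct):
    """Proxy step: c2 = G^(a*r) becomes G^(b*r); c1 is left untouched."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def demo():
    a, pk_a = keygen()                      # Alice (delegator)
    b, pk_b = keygen()                      # Bob (delegatee)
    m = pow(G, 123, P)                      # constructed sample message
    rk = rekey(a, b)                        # held by the proxy
    ct_b = reencrypt(rk, encrypt(pk_a, m))
    # Limitation 1: the inverse key translates Bob's ciphertexts to Alice.
    back = reencrypt(pow(rk, -1, Q), encrypt(pk_b, m))
    # Limitation 2: proxy and Bob together can compute Alice's secret key.
    recovered_a = (b * pow(rk, -1, Q)) % Q
    return {
        "bob_reads": decrypt(b, ct_b) == m,
        "bidirectional": decrypt(a, back) == m,
        "collusion_recovers_a": recovered_a == a,
    }

if __name__ == "__main__":
    print(demo())
```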
New Anonymity Notions for Identity-Based Encryption, SCN '08
Anonymous and Transparent Gateway-based Password-Authenticated Key Exchange, CANS '08
This year, anonymity has become a major topic, together with traceability (revocable anonymity). It thus has some links with group-oriented cryptography.
Dynamic Threshold Public-Key Encryption, CRYPTO '08
This paper deals with an efficient scheme that allows some groups to decrypt documents. Dynamicity is also an important property in practice: users can dynamically join the system (as opposed to static systems), and the authorized people in the groups can evolve dynamically too.
Multi-Factor Authenticated Key Exchange, ACNS '08
A Formal Study of the Privacy Concerns in Biometric-based Remote Authentication Schemes, ISPEC '08
Efficient Two-Party Password-Based Key Exchange Protocols in the UC Framework, CT-RSA '08
In these papers, we deal with various means of authentication (password-based and biometric).
Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions. Journal of Cryptology, 2008
There has recently been interest in various forms of “searchable encryption” in the literature. In this paper, we further explore one of the variants of this goal, namely public-key encryption with keyword search (PEKS) as introduced by Boneh, Di Crescenzo, Ostrovsky and Persiano in Eurocrypt 2004. A PEKS scheme allows the owner of a secret decryption key to give away pieces of trapdoor information based on this key that allow a third party to check whether a certain keyword is encrypted in a given ciphertext, without leaking any other information about the encrypted message. The main application of PEKS schemes is to allow the intelligent routing of encrypted email containing certain keywords over a low-bandwidth connection. The user sends the trapdoor corresponding to the keyword to the mail server, which can then independently check encrypted emails for the presence of that keyword.
In this paper, we identify and fill some gaps with regard to consistency (the extent to which false positives are produced) for PEKS. We define computational and statistical relaxations of the existing notion of perfect consistency, show that the scheme of Boneh et al. in Eurocrypt 2004 is computationally consistent, and provide a new scheme that is statistically consistent. We also provide a transform of an anonymous identity-based encryption (IBE) scheme to a secure PEKS scheme that, unlike the previous one, guarantees consistency. Finally, we suggest three extensions of the basic notions, namely anonymous hierarchical identity-based encryption, public-key encryption with temporary keyword search, and identity-based encryption with keyword search.