CryptoDB
Jonas Janneck
Publications
Year | Venue | Title
2024 | CRYPTO | Ring Signatures for Deniable AKEM: Gandalf's Fellowship
Abstract
Ring signatures, a cryptographic primitive introduced by Rivest, Shamir and Tauman (ASIACRYPT 2001), offer signer anonymity within dynamically formed user groups. Recent advancements have focused on lattice-based constructions to improve efficiency, particularly for large signing rings. However, current state-of-the-art solutions suffer from significant overhead, especially for smaller rings. In this work, we present two novel NTRU-based ring signature constructions tailored towards small rings. Concretely, our schemes offer up to a 50% reduction in signature size for rings of size smaller than 18 compared to the state-of-the-art ring signature scheme Raptor (ACNS 2019) and the sublinear ring signature scheme Smile (CRYPTO 2021). In particular, for rings of size two, our ring signatures are only 1244 bytes.

Additionally, we explore the application of ring signatures in achieving deniability in authenticated key exchange mechanisms (AKEMs), the primitive behind the recent HPKE standard used in MLS and TLS. We take a fine-grained approach to formalising sender deniability within AKEM and seek to define the strongest possible notions. Our contributions extend to a black-box construction of a deniable AKEM from a KEM and a ring signature scheme for rings of size two. Our approach attains the highest level of confidentiality and authenticity, while simultaneously preserving the strongest forms of deniability in two orthogonal settings. Finally, we present parameter sets for our schemes, and show that our deniable AKEM yields ciphertexts of 2 KB when combined with our new ring signature scheme.
2023 | ASIACRYPT | The Pre-Shared Key Modes of HPKE
Abstract
The Hybrid Public Key Encryption (HPKE) standard was recently published as RFC 9180 by the Crypto Forum Research Group (CFRG) of the Internet Research Task Force (IRTF). The RFC specifies an efficient public key encryption scheme, combining asymmetric and symmetric cryptographic building blocks.

Out of HPKE’s four modes, two have already been formally analyzed by Alwen et al. (EUROCRYPT 2021). This work considers the remaining two modes: HPKE_PSK and HPKE_AuthPSK. Both of them are “pre-shared key” modes that assume the sender and receiver hold a symmetric pre-shared key. We capture the schemes with two new primitives which we call pre-shared key public-key encryption (pskPKE) and pre-shared key authenticated public-key encryption (pskAPKE). We provide formal security models for pskPKE and pskAPKE and prove (via general composition theorems) that the two modes HPKE_PSK and HPKE_AuthPSK offer active security (in the sense of insider privacy and outsider authenticity) under the Gap Diffie-Hellman assumption.

We furthermore explore possible post-quantum secure instantiations of the HPKE standard and propose new solutions based on lattices and isogenies. Moreover, we show how HPKE’s basic HPKE_PSK and HPKE_AuthPSK modes can be used black-box in a simple way to build actively secure post-quantum/classic-hybrid (authenticated) encryption schemes. Our hybrid constructions provide a cheap and easy path towards a practical post-quantum secure drop-in replacement for the basic HPKE modes HPKE_Base and HPKE_Auth.
Coauthors
- Joël Alwen (1)
- Phillip Gajland (1)
- Jonas Janneck (2)
- Eike Kiltz (2)
- Benjamin Lipp (1)