CryptoDB
On the (Im)Possibility of Key Dependent Encryption
| Authors: | |
|---|---|
| Download: | |
| Abstract: | We study the possibility of constructing encryption schemes secure under messages that are chosen depending on the key k of the encryption scheme itself. We give the following separation results: 1. Let H be the family of poly(n)-wise independent hash-functions. There exists no fully-black-box reduction from an encryption scheme secure against key-dependent inputs to one-way permutations (and also to families of trapdoor permutations) if the adversary can obtain encryptions of h(k) for h \in H. 2. Let G be the family of polynomial sized circuits. There exists no reduction from an encryption scheme secure against key-dependent inputs to, seemingly, any cryptographic assumption, if the adversary can obtain an encryption of g(k) for g \in G, as long as the reduction's proof of security treats both the adversary and the function g as black box. |
BibTeX
@misc{eprint-2008-17841,
title={On the (Im)Possibility of Key Dependent Encryption},
booktitle={IACR Eprint archive},
keywords={foundations / Key-dependent input security, black-box separation},
url={http://eprint.iacr.org/2008/164},
note={ iftach.haitner@weizmann.ac.il 13980 received 11 Apr 2008},
author={Iftach Haitner and Thomas Holenstein},
year=2008
}