International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Fast and Secure Updatable Encryption

Colin Boyd , NTNU Trondheim
Gareth T. Davies , Bergische Universität Wuppertal
Kristian Gjøsteen , NTNU Trondheim
Yao Jiang , NTNU Trondheim
DOI: (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2020
Abstract: Updatable encryption allows a client to outsource ciphertexts to some untrusted server and periodically rotate the encryption key. The server can update ciphertexts from an old key to a new key with the help of an update token, received from the client, which should not reveal anything about plaintexts to an adversary. We provide a new and highly efficient suite of updatable encryption schemes that we collectively call SHINE. In the variant designed for short messages, ciphertext generation consists of applying one permutation and one exponentiation (per message block), while updating ciphertexts requires just one exponentiation. Variants for longer messages provide much stronger security guarantees than prior work that has comparable efficiency. We present a new confidentiality notion for updatable encryption schemes that implies prior notions. We prove that SHINE is secure under our new confidentiality definition while also providing ciphertext integrity.
Video from CRYPTO 2020
  title={Fast and Secure Updatable Encryption},
  author={Colin Boyd and Gareth T. Davies and Kristian Gjøsteen and Yao Jiang},