International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Efficient Updatable Public-Key Encryption from Lattices

Authors:
Calvin Abou Haidar , ENS Lyon/ Inria
Damien Stehlé , CryptoLab
Alain Passelègue , ENS Lyon/ Inria
Download:
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2023
Abstract: Updatable public key encryption has recently been introduced as a solution to achieve forward-security in the context of secure group messaging without hurting efficiency, but so far, no efficient lattice-based instantiation of this primitive is known. In this work, we construct the first LWE-based UPKE scheme with polynomial modulus-to-noise rate, which is CPA-secure in the standard model. At the core of our security analysis is a generalized reduction from the standard LWE problem to (a stronger version of) the Extended LWE problem. We further extend our construction to achieve stronger security notions by proposing two generic transforms. Our first transform allows to obtain CCA security in the random oracle model and adapts the Fujisaki-Okamoto transform to the UPKE setting. Our second transform allows to achieve security against malicious updates by adding a NIZK argument in the update mechanism. In the process, we also introduce the notion of Updatable Key Encapsulation Mechanism (UKEM), as the updatable variant of KEMs. Overall, we obtain a CCA-secure UKEM in the random oracle model whose ciphertext sizes are of the same order of magnitude as that of CRYSTALS-Kyber.
BibTeX
@inproceedings{asiacrypt-2023-33659,
  title={Efficient Updatable Public-Key Encryption from Lattices},
  publisher={Springer-Verlag},
  author={Calvin Abou Haidar and Damien Stehlé and Alain Passelègue},
  year=2023
}