International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Anamorphic Encryption, Revisited

Authors:
Fabio Banfi , Zühlke Engineering AG
Konstantin Gegier , ETH Zurich
Martin Hirt , ETH Zurich
Ueli Maurer , ETH Zurich
Guilherme Rito , Ruhr-Universität Bochum
Download:
DOI: 10.1007/978-3-031-58723-8_1 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: EUROCRYPT 2024
Abstract: Anamorphic encryption refers to an enhanced version of an established PKE scheme which can be set up with an additional so-called double key, shared by sender and receiver. This protects against a dictator that can force the receiver to reveal the secret keys for the PKE scheme, but who is oblivious about the existence of the double key. We identify two limitations of the original model by Persiano, Phan, and Yung (EUROCRYPT 2022). First, in their definition a double key can only be generated once, together with a key-pair. This has the drawback that a receiver who wants to use the anamorphic mode after a dictator comes to power, needs to deploy a new key-pair, a potentially suspicious act. Second, a receiver cannot distinguish whether or not a ciphertext contains a covert message. In this work we propose a new model that overcomes these limitations. First, we allow to associate multiple double keys to a key-pair, after its deployment. This also enables deniability in case the double key only depends on the public key. Second, we propose a natural robustness notion, which guarantees that anamorphically decrypting a regularly encrypted message results in a special symbol indicating that no covert message is contained, which also eliminates certain attacks. Finally, to instantiate our new, stronger definition of anamorphic encryption, we provide generic and concrete constructions. Concretely, we show that ElGamal and Cramer-Shoup satisfy a new condition, selective randomness recoverability, which enables robust anamorphic extensions, and we also provide a robust anamorphic extension for RSA-OAEP.
BibTeX
@inproceedings{eurocrypt-2024-33972,
  title={Anamorphic Encryption, Revisited},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-58723-8_1},
  author={Fabio Banfi and Konstantin Gegier and Martin Hirt and Ueli Maurer and Guilherme Rito},
  year=2024
}