Saved in:
Bibliographic Details
Main Authors: Laud, Peeter, Pankova, Alisa, Vakarjuk, Jelizaveta
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2410.19338
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866916454205489152
author Laud, Peeter
Pankova, Alisa
Vakarjuk, Jelizaveta
author_facet Laud, Peeter
Pankova, Alisa
Vakarjuk, Jelizaveta
contents In this paper, we consider encryption systems with two-out-of-two threshold decryption, where one of the parties (the client) initiates the decryption and the other one (the server) assists. Existing threshold decryption schemes disclose to the server the ciphertext that is being decrypted. We give a construction, where the identity of the ciphertext is not leaked to the server, and the client's privacy is thus preserved. While showing the security of this construction, we run into the issue of defining the security of a scheme with blindly assisted decryption. We discuss previously proposed security definitions for similar cryptographic functionalities and argue why they do not capture the expected meaning of security. We propose an ideal functionality for the encryption with server-supported blind threshold decryption in the universal composability model, carefully balancing between the meaning of privacy, and the ability to implement it. We construct a protocol and show that it is a secure implementation of the proposed functionality in the random oracle model.
format Preprint
id arxiv_https___arxiv_org_abs_2410_19338
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Privacy-preserving server-supported decryption
Laud, Peeter
Pankova, Alisa
Vakarjuk, Jelizaveta
Cryptography and Security
In this paper, we consider encryption systems with two-out-of-two threshold decryption, where one of the parties (the client) initiates the decryption and the other one (the server) assists. Existing threshold decryption schemes disclose to the server the ciphertext that is being decrypted. We give a construction, where the identity of the ciphertext is not leaked to the server, and the client's privacy is thus preserved. While showing the security of this construction, we run into the issue of defining the security of a scheme with blindly assisted decryption. We discuss previously proposed security definitions for similar cryptographic functionalities and argue why they do not capture the expected meaning of security. We propose an ideal functionality for the encryption with server-supported blind threshold decryption in the universal composability model, carefully balancing between the meaning of privacy, and the ability to implement it. We construct a protocol and show that it is a secure implementation of the proposed functionality in the random oracle model.
title Privacy-preserving server-supported decryption
topic Cryptography and Security
url https://arxiv.org/abs/2410.19338