Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Advances in Security for Communication Networks
Guest editors: Ivan ViscontiGuest-Editor
Article type: Research Article
Authors: Nieto, Juan Gonzáleza | Manulis, Markb | Poettering, Bertramc | Rangasamy, Jothid | Stebila, Douglasa; *
Affiliations: [a] Queensland University of Technology, Brisbane, QLD, Australia. E-mails: j.gonzaleznieto@qut.edu.au, stebila@qut.edu.au | [b] University of Surrey, Guildford, UK. E-mail: mark@manulis.eu | [c] Royal Holloway, University of London, Egham, UK. E-mail: bertram.poettering@rhul.ac.uk | [d] Society for Electronic Transactions and Security, Chennai, India. E-mail: jothi.rangasamy@gmail.com
Correspondence: [*] Corresponding author: Douglas Stebila, GPO Box 2434 (2 George St, GP-O-617), Brisbane, Queensland 4001, Australia. Tel.: +61 7 3138 9566; Fax: +61 7 3138 2310; E-mail: stebila@qut.edu.au
Abstract: In many applications where encrypted traffic flows from an open (public) domain to a protected (private) domain there exists a gateway that bridges these two worlds, faithfully forwarding all incoming traffic to the receiver. We observe that the notion of indistinguishability against (adaptive) chosen-ciphertext attacks (IND-CCA2), which is a mandatory goal in face of active attacks in a public domain, can be relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) once the ciphertexts passed the gateway. The latter then acts as an IND-CCA2/CPA filter by first checking the validity of an incoming IND-CCA2-secure ciphertext, transforming it (if valid) into an IND-CPA-secure ciphertext, and finally forwarding it to the recipient in the private domain. Non-trivial filtering can result in reduced decryption costs on the recipient's side. We identify a class of encryption schemes with publicly verifiable ciphertexts that admit generic constructions of IND-CCA2/CPA filters (with non-trivial verification). These schemes are characterized by existence of public algorithms that can distinguish ultimately between valid and invalid ciphertexts. To this end, we formally define public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms and hybrid encryption schemes, encompassing public-key, identity-based and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Keywords: Ciphertext filtering, public key encryption, identity-based encryption, chosen ciphertext attacks
DOI: 10.3233/JCS-130473
Journal: Journal of Computer Security, vol. 21, no. 5, pp. 749-778, 2013
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl