Michel Abdalla, James Birkett, et al.
Journal of Cryptology
We provide a provable-security treatment of “robust” encryption. Robustness means it is hard to produce a ciphertext that is valid for two different users. Robustness makes explicit a property that has been implicitly assumed in the past. We argue that it is an essential conjunct of anonymous encryption. We show that natural anonymity-preserving ways to achieve it, such as adding recipient identification information before encrypting, fail. We provide transforms that do achieve it, efficiently and provably. We assess the robustness of specific encryption schemes in the literature, providing simple patches for some that lack the property. We explain that robustness of the underlying anonymous IBE scheme is essential for public-key encryption with keyword search (PEKS) to be consistent (meaning, not have false positives), and our work provides the first generic conversions of anonymous IBE schemes to consistent (and secure) PEKS schemes. Overall, our work enables safer and simpler use of encryption.
Michel Abdalla, James Birkett, et al.
Journal of Cryptology
Mihir Bellare, John Rompel
FOCS 1994
Mihir Bellare, Juan A. Garay, et al.
USENIX EC 1995
Laurent Bussard, Gregory Neven, et al.
POLICY 2010