Standard Security Does Not Imply Security Against Selective-Opening

Authors

Mihir Bellare, Rafael Dowsley, Brent Waters, and Scott Yilek

Abstract

We show that no commitment scheme that is hiding and binding according to the standard definition is semantically-secure under selective opening attack (SOA), resolving a long-standing and fundamental open question about the power of SOAs. We also obtain the first examples of IND-CPA encryption schemes that are not secure under SOA, both for sender corruptions where encryption coins are revealed and receiver corruptions where decryption keys are revealed. These results assume only the existence of collision-resistant hash functions.

Reference

Mihir Bellare, Rafael Dowsley, Brent Waters, and Scott Yilek.
Standard Security Does Not Imply Security Against Selective-Opening
Advances in Cryptology - EUROCRYPT 2012. LNCS Vol. 7237, pp. 645-662, D. Pointcheval and T. Johansson eds., Springer, 2012.

Versions

ePrint Version
Conference Version

See Also

EUROCRYPT 2012