Plaintext-aware encryption

About: Plaintext-aware encryption is a research topic. Over the lifetime, 1980 publications have been published within this topic receiving 101775 citations. The topic is also known as: Plaintext awareness.

Hidden ciphertext policy attribute-based encryption under standard assumptions

Abstract: We propose two new ciphertext policy attribute-based encryption (CP-ABE) schemes where the access policy is defined by AND-gate with wildcard. In the first scheme, we present a new technique that uses only one group element to represent an attribute, while the existing ABE schemes of the same type need to use three different group elements to represent an attribute for the three possible values (namely, positive, negative, and wildcard). Our new technique leads to a new CP-ABE scheme with constant ciphertext size, which, however, cannot hide the access policy used for encryption. The main contribution of this paper is to propose a new CP-ABE scheme with the property of hidden access policy by extending the technique we used in the construction of our first scheme. In particular, we show a way to bridge ABE based on AND-gate with wildcard with inner product encryption and then use the latter to achieve the goal of hidden access policy. We prove that our second scheme is secure under the standard decisional linear and decisional bilinear Diffie-Hellman assumptions.

Reversible Data Hiding in Homomorphic Encrypted Domain by Mirroring Ciphertext Group

Abstract: This paper proposes a novel reversible data hiding scheme for encrypted images by using homomorphic and probabilistic properties of Paillier cryptosystem. In the proposed method, groups of adjacent pixels are randomly selected, and reversibly embedded into the rest of the image to make room for data embedding. In each group, there are a reference pixel and a few host pixels. Least significant bits (LSBs) of the reference pixels are reset before encryption and the encrypted host pixels are replaced with the encrypted reference pixel in the same group to form mirroring ciphertext groups (MCGs). In such a way, the modification on MCGs for data embedding will not cause any pixel oversaturation in plaintext domain and the embedded data can be directly extracted from the encrypted domain. In an MCG, the reference ciphertext pixel is kept unchanged as a reference while data hider embeds the encrypted additional data into the LSBs of the host ciphertext pixels by employing homomorphic multiplication. On the receiver side, the hidden ciphertext data can be retrieved by employing a modular multiplicative inverse operation between the marked host ciphertext pixels and their corresponding reference ciphertext pixels, respectively. After that, the hidden data are extracted promptly by looking for a one-to-one mapping table from ciphertext to plaintext. Data extraction and image restoration can be accomplished without any error after decryption. Compared with the existing works, the proposed scheme has lower computation complexity, higher security performance, and better embedding performance. The experiments on the standard image files also certify the effectiveness of the proposed scheme.

On the Security of a Class of Diffusion Mechanisms for Image Encryption

Abstract: The need for fast and strong image cryptosystems motivates researchers to develop new techniques to apply traditional cryptographic primitives in order to exploit the intrinsic features of digital images. One of the most popular and mature technique is the use of complex dynamic phenomena, including chaotic orbits and quantum walks, to generate the required key stream. In this paper, under the assumption of plaintext attacks we investigate the security of a classic diffusion mechanism (and of its variants) used as the core cryptographic primitive in some image cryptosystems based on the aforementioned complex dynamic phenomena. We have theoretically found that regardless of the key schedule process, the data complexity for recovering each element of the equivalent secret key from these diffusion mechanisms is only ${O}$ (1). The proposed analysis is validated by means of numerical examples. Some additional cryptographic applications of this paper are also discussed.

A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0

Abstract: An adaptive chosen ciphertext attack against PKCS #1 v20 RSA OAEP encryption is described It recovers the plaintext - not the private key - from a given ciphertext in a little over log2 n queries of an oracle implementing the algorithm, where n is the RSA modulus The high likelihood of implementations being susceptible to this attack is explained as well as the practicality of the attack Improvements to the algorithm to defend against the attack are discussed

Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products

Abstract: Predicate encryption is a new paradigm for public-key encryption that generalizes identity-based encryption and more. In predicate encryption, secret keys correspond to predicates and ciphertexts are associated with attributes; the secret key SK f corresponding to a predicate f can be used to decrypt a ciphertext associated with attribute I if and only if f(I)=1. Constructions of such schemes are currently known only for certain classes of predicates. We construct a scheme for predicates corresponding to the evaluation of inner products over ? N (for some large integer N). This, in turn, enables constructions in which predicates correspond to the evaluation of disjunctions, polynomials, CNF/DNF formulas, thresholds, and more. Besides serving as a significant step forward in the theory of predicate encryption, our results lead to a number of applications that are interesting in their own right.