Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
TCC
2009
Springer
2009
Springer
On the (Im)Possibility of Key Dependent Encryption
We study the possibility of constructing encryption schemes secure under messages that are chosen depending on the key k of the encryption scheme itself. We give the following separation results that hold both in the private and in the public key settings: ? Let H be the family of poly(n)-wise independent hash-functions. There exists no fully-black-box reduction from an encryption scheme secure against key-dependent messages to one-way permutations (and also to families of trapdoor permutations) if the adversary can obtain encryptions of h(k) for h H. ? There exists no reduction from an encryption scheme secure against key-dependent messages to, essentially, any cryptographic assumption, if the adversary can obtain an encryption of g(k) for an arbitrary g, as long as the reduction's proof of security treats both the adversary and the function g as black boxes.
Real-time TrafficRelated Content
| Added | 25 Nov 2009 |
| Updated | 25 Nov 2009 |
| Type | Conference |
| Year | 2009 |
| Where | TCC |
| Authors | Iftach Haitner, Thomas Holenstein |
Comments (0)
Researcher Info
|
