# Everybody's a Target: Scalability in Public-Key Encryption

@article{Auerbach2019EverybodysAT, title={Everybody's a Target: Scalability in Public-Key Encryption}, author={Benedikt Auerbach and F. Giacon and Eike Kiltz}, journal={IACR Cryptol. ePrint Arch.}, year={2019}, volume={2019}, pages={364} }

For \(1\le m \le n\), we consider a natural m-out-of-n multi-instance scenario for a public-key encryption (PKE) scheme. An adversary, given n independent instances of PKE, wins if he breaks at least m out of the n instances. In this work, we are interested in the scaling factor of PKE schemes, \(\mathrm {SF}\), which measures how well the difficulty of breaking m out of the n instances scales in m. That is, a scaling factor \(\mathrm {SF}=\ell \) indicates that breaking m out of n instances is…

#### References

SHOWING 1-10 OF 34 REFERENCES

Multi-instance Security and Its Application to Password-Based Cryptography

- Computer Science
- CRYPTO
- 2012

This work is able to conclude with the first proof that per-password salts amplify mi-security as hoped in practice, and provides a composition-based framework to transfer standard single-instance (si) security to mi-security with the aid of a key-derivation function.

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice

- Computer Science
- CCS
- 2015

Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman, is presented and a close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved a break.

Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements

- Mathematics, Computer Science
- EUROCRYPT
- 2000

It is proved that security in the single-user setting implies security in the multi-user setting as long as the former is interpreted in the strong sense of "indistinguishability," thereby pin-pointing many schemes guaranteed to be secure against Hastad-type attacks.

Hybrid Encryption in a Multi-user Setting, Revisited

- Computer Science
- Public Key Cryptography
- 2017

This paper contributes to understanding the interplay of security notions for PKE, KEMs, and DEMs, in settings with multiple users, challenges, and instances, by studying the tightness aspects of the standard hybrid KEM+DEM encryption paradigm and the inherent weak security properties of all deterministic DEMs.

Abstract Models of Computation in Cryptography

- Computer Science
- IMACC
- 2005

An abstract model of computation is proposed which allows one to capture reasonable restrictions on the power of algorithms, and it is proved that computing discrete logarithms is generically hard even if an oracle for the decisional Diffie-Hellman problem and/or other low degree relations were available.

Multi-user Collisions: Applications to Discrete Logarithm, Even-Mansour and PRINCE

- Computer Science
- ASIACRYPT
- 2014

This paper introduces two new algorithmic ideas to improve collision-based attacks in the multi-user setting, derived from the parallelizable collision search as proposed by van Oorschot and Wiener.

Resource-based corruptions and the combinatorics of hidden diversity

- Computer Science, Mathematics
- ITCS '13
- 2013

The notion of resource-based corruptions, where the adversary must invest some resources in order to corrupt a player, is put forth and it is shown that hidden diversity can be used to force the corruption threshold to drop from 1/2 to 1/3, in turn allowing the use of much more efficient MPC protocols.

The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES

- Computer Science
- CT-RSA
- 2001

In this paper, natural assumptions under which DHIES achieves security under chosen-ciphertext attack are found and the assumptions made about the Diffie-Hellman problem are investigated, and they provide security lower bounds.

Assumptions Related to Discrete Logarithms: Why Subtleties Make a Real Difference

- Computer Science, Mathematics
- EUROCRYPT
- 2001

It is proved that two DL-related assumptions can be reduced to each other for medium granularity but it is also shown that they are provably not reducible with generic algorithms for high granularity.

Hierarchical Identity Based Encryption with Constant Size Ciphertext

- Computer Science, Mathematics
- EUROCRYPT
- 2005

A Hierarchical Identity Based Encryption system where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations, regardless of the hierarchy depth, which is proved to be as efficient as in other HIBE systems.