We formally define the primitive of public-key encryption with non-interactive opening (PKENO), where the receiver of a ciphertext C can, convincingly and without interaction, reveal what the result was of decrypting C, without compromising the scheme's security. This has numerous applications in cryptographic protocol design, e.g., when the receiver wants to demonstrate that some information he was sent privately was not correctly formed. We give a definition based on the UC framework as well as an equivalent game-based definition. The PKENO concept was informally introduced by Damgård and Thorbek who suggested that it could be implemented based on Identity-Based Encryption. In this paper, we give direct and optimized implementations, that work without having to keep state information, unlike what one obtains from directly using IBE. © 2008 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Damgård, I., Hofheinz, D., Kiltz, E., & Thorbek, R. (2008). Public-key encryption with non-interactive opening. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4964 LNCS, pp. 239–255). https://doi.org/10.1007/978-3-540-79263-5_15
Mendeley helps you to discover research relevant for your work.