Orthogonality between key privacy and data privacy, revisited

Abstract

Key privacy is a notion regarding the privacy of the owner of a public key, which has important applications in building (receiver) anonymous channels, or privacy-enhanced authentication/signature schemes. Key privacy is considered to be an orthogonal (i.e., independent), notion from data privacy, while the key privacy of many public key encryption schemes has not been explored, though their data privacy is comparatively well understood. In this paper, we study key privacy of many practical encryption schemes and identify evidences that key privacy is not comparable to data privacy. We also formalize key privacy in the plaintext checking attack model and point out some generic transforms to enhance the key privacy of an encryption scheme. Interestingly, these well-known techniques have been used to enhance data security. Finally, we give detailed security analyses on the signed hashed-ElGamal encryption [27] in the random oracle model, of both key privacy and data security against chosen ciphertext attack. Again, this specific example supports our claim on the relation of two notions. © 2008 Springer-Verlag Berlin Heidelberg.