IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
On the Implications from Updatable Encryption to Public-Key Cryptographic Primitives
Yuichi TANISHITARyuya HAYASHIRyu ISHIITakahiro MATSUDAKanta MATSUURA
著者情報
ジャーナル フリー 早期公開

論文ID: 2025CIP0019

詳細
抄録

Updatable encryption (UE) is a special type of symmetric-key encryption (SKE) that allows a third party to update ciphertexts while protecting plaintexts. Alamati et al. (CRYPTO 2019) showed a curious connection between UE and public-key encryption (PKE) that PKE can be constructed from UE. This implication result is somewhat surprising since it is well-known that PKE cannot be constructed from (ordinary) SKE in a black-box manner.

In this paper, we continue to study the relationships between UE and other cryptographic primitives to obtain further insights into the existence and power of UE, and assumptions required for it. More specifically, we introduce some security properties that are natural to consider for UE (and are indeed satisfied by some existing UE schemes), and then investigate what types of public-key cryptographic primitives can be constructed from UE with the additional properties. Specifically, we show the following results:

·2-round oblivious transfer (OT) can be constructed from UE that satisfies the oblivious samplability of original ciphertexts (i.e. those generated by the ordinary encryption algorithm, as opposed to those generated by the ciphertext-update algorithm) and the oblivious samplability of update tokens (that are used for updating ciphertexts).

·3-round OT can be constructed from UE with the oblivious samplability of updated ciphertexts (i.e. those generated by the ciphertext-update algorithm).

·Lossy encryption and PKE secure against selective-opening attacks can be constructed from UE if it satisfies what we call statistical confidentiality of original ciphertexts.

·IND-CPA secure PKE can be constructed from another variant of UE, ciphertext-dependent UE, if its algorithm to generate an update token is deterministic.

著者関連情報
© 2025 The Institute of Electronics, Information and Communication Engineers
前の記事 次の記事
feedback
Top