Lecture Notes in Computer Science 6571 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Alfred Kobsa University of California, Irvine, CA, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Germany Madhu Sudan Microsoft Research, Cambridge, MA, USA Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbruecken, Germany
Dario Catalano Nelly Fazio Rosario Gennaro Antonio Nicolosi (Eds.) Public Key Cryptography PKC 2011 14th International Conference on Practice and Theory in Public Key Cryptography Taormina, Italy, March 6-9, 2011 Proceedings 13
Volume Editors Dario Catalano Università di Catania, Italy E-mail: catalano@dmi.unict.it Nelly Fazio City University of New York, NY, USA E-mail: fazio@cs.ccny.cuny.edu Rosario Gennaro IBM T.J. Watson Research Center, Hawthorne, NY, USA E-mail: rosario@us.ibm.com Antonio Nicolosi Stevens Institute of Technology, Hoboken, NJ, USA E-mail: nicolosi@cs.stevens.edu ISSN 0302-9743 e-issn 1611-3349 ISBN 978-3-642-19378-1 e-isbn 978-3-642-19379-8 DOI 10.1007/978-3-642-19379-8 Springer Heidelberg Dordrecht London New York Library of Congress Control Number: 2011921312 CR Subject Classification (1998): E.3, K.6.5, C.2, D.4.6, K.4.4, E.4 LNCS Sublibrary: SL 4 Security and Cryptology International Association for Cryptologic Research 2011 This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law. The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper Springer is part of Springer Science+Business Media (www.springer.com)
Preface The 14th International Conference on Practice and Theory in Public Key Cryptography (PKC 2011) was held March 6 9, 2011 in Taormina, Italy. PKC 2011 was sponsored by the International Association for Cryptologic Research (IACR). The conference received 103 submissions and each submission was assigned to at least three committee members. Submissions co-authored by members of the Program Committee were assigned to at least five committee members. Due to the large number of high-quality submissions, the review process was challenging and we are deeply grateful to the 30 committee members and the 96 external reviewers for their outstanding work. After extensive discussions, the Program Committee selected 28 submissions for presentation during the conference: these are the articles that are included in this volume. The review process was run using Shai Halevi s software, and we are indebted to him for his help in setting it up and running it. The program also included one invited talk: New Developments in Leakage- Resilient Cryptography given by Vinod Vaikuntanathan, whom we thank for accepting our invitation and for contributing to the success of the conference. Our thanks go also to Springer for publishing the proceedings in the Lecture Notes in Computer Science series. March 2011 Rosario Gennaro Nelly Fazio Antonio Nicolosi Dario Catalano
PKC 2011 The 14th IACR International Conference on Practice and Theory of Public Key Cryptography Taormina, Italy, March 6 9, 2011 Program Chair Rosario Gennaro IBM Research, USA General Chairs Nelly Fazio Antonio Nicolosi City University of New York, USA Stevens Institute of Technology, USA Local Arrangements Chair Dario Catalano Università di Catania, Italy Program Committee Masayuki Abe John R. Black Alexandra Boldyreva Colin Boyd Emmanuel Bresson Melissa Chase Paolo D Arco Alexander W. Dent Stefan Dziembowski Dario Fiore Marc Fischlin Carmit Hazay Martin Hirt Stanislaw Jarecki Eike Kiltz Kaoru Kurosawa Yehuda Lindell Sebastià Martin Alexander May NTT Labs, Japan University of Colorado, USA Georgia Institute of Technology, USA Queensland University of Technology, Australia EADS, France Microsoft Research, USA Università disalerno,italy Royal Holloway University of London, UK Università di Roma La Sapienza, Italy École Normale Supérieure, France Technische Universität Darmstadt, Germany Aarhus Universitet, Denmark ETH Zurich, Switzerland University of California at Irvine, USA Ruhr-Universität Bochum, Germany Ibaraki University, Japan Bar-Ilan University, Israel Universitat Politecnica de Catalunya, Spain Ruhr-Universität Bochum, Germany
VIII Organization Jesper Buus Nielsen Bryan Parno Mario Di Raimondo Mike Rosulek Guy Rothblum Kazue Sako Berry Schoenmakers Thomas Shrimpton NigelSmart Edlyn Teske-Wilson Muthu Venkitasubramaniam Aarhus Universitet, Denmark Microsoft Research, USA Università di Catania, Italy University of Montana, USA IAS Princeton, USA NEC, Japan T.U. Eindhoven, The Netherlands Portland State University, USA BristolUniversity,UK University of Waterloo, Canada New York University, USA PKC Steering Committee Ronald Cramer Yvo Desmedt Hideki Imai David Naccache Tatsuaki Okamoto David Pointcheval Moti Yung (Secretary) Yuliang Zeng (Chair) CWI and Universiteit Leiden, The Netherlands University College London, UK Chuo University and AIST, Japan École Normale Supérieure, France NTT Labs, Japan École Normale Supérieure, France Google Inc. and Columbia University, USA University of North Carolina at Charlotte, USA External Reviewers Michel Abdalla Divesh Aggarwal Joel Alwen Nuttapong Attrapadung Kfir Barhum Aurélie Bauer Rikke Bendlin Dan J. Bernstein Olivier Billet Christina Brzuska David Cash Dario Catalano Céline Chevalier Sandro Coretti Emiliano De Cristofaro Özgür Dagdelen Ivan Damgård Alfredo Rial Duran Oriol Farràs Jean-Charles Faugere Ignacio Fernández-Rúa Anna Lisa Ferrara Eiichiro Fujisaki Jun Furukawa Steven Galbraith Sanjam Garg Juan Gonzalez Choudary Gorantla Ignacio Gracia Jens Groth Shai Halevi Goichiro Hanaoka Kristiyan Haralambiev Swee-Huay Heng Mathias Herrmann S.J.A. de Hoogh Toshiyuki Isshiki Tibor Jager Antoine Joux Bhavana Kanukurthi Hugo Krawczyk Tanja Lange Peter van Liesdonk Richard Lindner Georg Lippold Patrick Longa Adriana Lopez-Alt Christoph Lucas Hemanta Maji Mark Manulis Barbara Masucci Sarah Meiklejohn Sigurd Torkel Meldgaard Petros Mol Paz Morillo Ryo Nojima Adam O Neill
Organization IX Miyako Ohkubo Tatsuaki Okamoto Maria Cristina Onete Claudio Orlandi Carles Padró Dan Page Anat Paskin Valerio Pastro Ludovic Perret Le Trieu Phong Krzysztof Pietrzak Angel Perez del Pozo Pavel Raykov Markus Rückert Carla Ràfols Yusuke Sakai Dominique Schröder Sven Schage Hovav Shacham Francesco Sica Joseph Silverman Claudio Soriente Björn Tackmann Keisuke Tanaka Stefano Tessaro Enrico Thomae Tomas Toft Joana Treger Daniele Venturi Damien Vergnaud Jorge L. Villar Ivan Visconti Benne de Weger Christopher Wolf Qianhong Wu Shota Yamada Go Yamamoto Bo-Yin Yang Angela Zottarel
Table of Contents Signatures I Linearly Homomorphic Signatures over Binary Fields and New Tools for Lattice-Based Signatures... 1 Dan Boneh and David Mandell Freeman Homomorphic Network Coding Signatures in the Standard Model... 17 Nuttapong Attrapadung and Benoît Libert Efficient Attribute-Based Signatures for Non-monotone Predicates in the Standard Model... 35 Tatsuaki Okamoto and Katsuyuki Takashima Attribute Based Encryption Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization... 53 Brent Waters Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption... 71 Shota Yamada, Nuttapong Attrapadung, Goichiro Hanaoka, and Noboru Kunihiro Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts... 90 Nuttapong Attrapadung, Benoît Libert, and Elie de Panafieu Number Theory Faster and Lower Memory Scalar Multiplication on Supersingular Curves in Characteristic Three... 109 Roberto Avanzi and Clemens Heuberger On the Correct Use of the Negation Map in the Pollard rho Method... 128 Daniel J. Bernstein, Tanja Lange, and Peter Schwabe Cryptanalysis of the RSA Subgroup Assumption from TCC 2005... 147 Jean-Sébastien Coron, Antoine Joux, Avradip Mandal, David Naccache, and Mehdi Tibouchi
XII Table of Contents Protocols (If) Size Matters: Size-Hiding Private Set Intersection... 156 Giuseppe Ateniese, Emiliano De Cristofaro, and Gene Tsudik Sub-linear, Secure Comparison with Two Non-colluding Parties... 174 Tomas Toft Oblivious Transfer with Hidden Access Control Policies... 192 Jan Camenisch, Maria Dubovitskaya, Gregory Neven, and Gregory M. Zaverucha Chosen-Ciphertext Security Chosen Ciphertext Secure Encryption under Factoring Assumption Revisited... 210 Qixiang Mei, Bao Li, Xianhui Lu, and Dingding Jia Chameleon All-But-One TDFs and Their Application to Chosen-Ciphertext Security... 228 Junzuo Lai, Robert H. Deng, and Shengli Liu Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks... 246 Takahiro Matsuda and Kanta Matsuura Secure Blind Decryption... 265 Matthew Green Invited Talk New Developments in Leakage-Resilient Cryptography (Abstract)... 283 Vinod Vaikuntanathan Encryption On the Security of a Bidirectional Proxy Re-encryption Scheme from PKC 2010... 284 Jian Weng, Yunlei Zhao, and Goichiro Hanaoka Fully Secure Accountable-Authority Identity-Based Encryption... 296 Amit Sahai and Hakan Seyalioglu One-Pass HMQV and Asymmetric Key-Wrapping... 317 Shai Halevi and Hugo Krawczyk
Table of Contents XIII Signatures II Linear Recurring Sequences for the UOV Key Generation... 335 Albrecht Petzoldt, Stanislav Bulygin, and Johannes Buchmann On the Impossibility of Instantiating PSS in the Standard Model... 351 Rishiraj Bhattacharyya and Avradip Mandal On-line Non-transferable Signatures Revisited... 369 Jacob C.N. Schuldt and Kanta Matsuura Zero-Knowledge Round-Efficient Sub-linear Zero-Knowledge Arguments for Linear Algebra... 387 JaeHongSeo Signatures on Randomizable Ciphertexts... 403 Olivier Blazy, Georg Fuchsbauer, David Pointcheval, and Damien Vergnaud Revocation for Delegatable Anonymous Credentials... 423 Tolga Acar and Lan Nguyen Cryptanalysis Cryptanalysis of Multivariate and Odd-Characteristic HFE Variants... 441 Luk Bettale, Jean-Charles Faugère, and Ludovic Perret Cryptanalysis of Cryptosystems Based on Non-commutative Skew Polynomials... 459 Vivien Dubois and Jean-Gabriel Kammerer Practical Cryptanalysis of the Identification Scheme Based on the Isomorphism of Polynomial with One Secret Problem... 473 Charles Bouillaguet, Jean-Charles Faugère, Pierre-Alain Fouque, and Ludovic Perret Author Index... 495