Lecture Notes in Computer Science 5443


Lecture Notes in Computer Science 5443
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, University of Dortmund, Germany
Madhu Sudan, Massachusetts Institute of Technology, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max-Planck Institute of Computer Science, Saarbruecken, Germany

Stanisław Jarecki, Gene Tsudik (Eds.)

Public Key Cryptography – PKC 2009
12th International Conference on Practice and Theory in Public Key Cryptography
Irvine, CA, USA, March 18-20, 2009
Proceedings

Volume Editors
Stanisław Jarecki, Gene Tsudik
University of California, Irvine, Computer Science Department
Irvine, CA 92697-3435, USA
E-mail: {stasio, gts}@ics.uci.edu

Library of Congress Control Number: 2009921160
CR Subject Classification (1998): E.3, F.2.1-2, C.2.0, K.4.4, K.6.5
LNCS Sublibrary: SL 4 – Security and Cryptology
ISSN 0302-9743
ISBN-10 3-642-00467-9 Springer Berlin Heidelberg New York
ISBN-13 978-3-642-00467-4 Springer Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

springer.com
Springer-Verlag Berlin Heidelberg 2009
Printed in Germany
Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
SPIN: 12631902 06/3180 543210

The original version of the book was revised: The copyright line was incorrect. The Erratum to the book is available at DOI: 10.1007/978-3-642-00468-1_29

Preface

It has been a real pleasure to have taken part in organizing the 12th International Conference on Practice and Theory in Public Key Cryptography (PKC 2009). PKC 2009 was held March 18-20, 2009, on the campus of the University of California, Irvine (UCI). As usual, it was sponsored by the International Association for Cryptologic Research (IACR) in cooperation with:

UCI Secure Computing and Networking Center (SCONCE)
UCI Donald Bren School of Information and Computer Sciences (DBSICS)
California Institute for Telecommunications and Information Technology (CalIT2)

The PKC 2008 Program Committee (PC) consisted of 33 internationally recognized researchers with combined expertise covering the entire scope of the conference. Recent growth in the number of cryptography venues has resulted in stiff competition for high-quality papers. Nonetheless, PKC's continued success is evident from both the number and the quality of submissions. PKC 2009 received a total of 112 submissions. They were reviewed by the PC members and a highly qualified team of external reviewers. Each submission was refereed by at least three reviewers. After deliberations by the PC, 28 submissions were accepted for presentation. Based on extensive discussions, the PKC 2009 best paper award was given to Alexander May and Maike Ritzenhofen for their paper "Implicit Factoring: On Polynomial Time Factoring Given Only an Implicit Hint." The conference program also included two invited talks, by Anna Lysyanskaya (Brown University) and Amit Sahai (UCLA).

A number of people selflessly contributed to the success of PKC 2009. First and foremost, we thank the authors of all submissions. They are the backbone of this conference and their confidence and support are highly appreciated. We are similarly grateful to the dedicated, knowledgeable and hard-working PC members who provided excellent reviews (on time and on a tight schedule!) and took part in post-review discussions. Their altruistic dedication and community service spirit are commendable. We are also indebted to the PKC Steering Committee members for their guidance, as well as to Shai Halevi and Christian Cachin for valuable technical assistance with reviewing and organizational aspects. A special word of thanks to Moti Yung for his encouragement and help in the planning stage. Last, but surely not least, we gratefully acknowledge extramural financial support (especially appreciated in these tough economic times) by Microsoft Research, Google and Qualcomm.

March 2009
Stanisław Jarecki
Gene Tsudik

Organization

General and Program Co-chairs
Stanisław Jarecki and Gene Tsudik, Computer Science Department, University of California, Irvine

Program Committee
Xavier Boyen, Voltage Security, USA
Christian Cachin, IBM Zurich Research, Switzerland
Jan Camenisch, IBM Zurich Research, Switzerland
Jung Hee Cheon, Seoul National University, South Korea
Jean-Sebastien Coron, University of Luxembourg, Luxembourg
Nelly Fazio, CUNY, USA
Bao Feng, i2r, Singapore
Pierre-Alain Fouque, ENS, France
Juan Garay, AT&T Labs Research, USA
Rosario Gennaro, IBM T.J. Watson Research Center, USA
Amir Herzberg, Bar Ilan University, Israel
Marc Joye, Thomson R&D, France
Seny Kamara, Microsoft, USA
Eike Kiltz, CWI, The Netherlands
Aggelos Kiayias, University of Connecticut, USA
Javier Lopez, University of Malaga, Spain
Breno de Medeiros, Google, USA
David Naccache, ENS, France
Jesper Buus Nielsen, Aarhus University, Denmark
Kenny Paterson, Royal Holloway, UK
Benny Pinkas, University of Haifa, Israel
David Pointcheval, ENS-CNRS-INRIA, France
Ahmed Reza-Sadeghi, Bochum University, Germany
Rei Safavi-Naini, University of Calgary, Canada
Nitesh Saxena, NYU Polytechnic Institute, USA
Berry Schoenmakers, TU Eindhoven, The Netherlands
Hovav Shacham, UC San Diego, USA
Vitaly Shmatikov, UT Austin, USA
Igor Shparlinski, Macquarie University, Australia
Michael Steiner, IBM T.J. Watson Research Center, USA
Serge Vaudenay, EPFL, Switzerland
Ivan Visconti, University of Salerno, Italy
Suzanne Wetzel, Stevens Institute of Technology, USA

External Reviewers
Jaehyun Ahn, Adi Akavia, Martin Albrecht, Frederik Armknecht, Werner Backes, Joonsang Baek, Aurelie Bauer, Olivier Billet, Joppe Bos, Justin Brickell, David Cash, Dario Catalano, Rafik Chaabouni, Xiaofeng Chen, Carlos Cid, Christophe Clavier, Paolo D'Arco, Ivan Damgård, Yevgeniy Dodis, Anna Lisa Ferrara, Matthieu Finiasz, Martin Gagne, Steven Galbraith, David Galindo, Robert Gallant, Maribel Gonzalez-Vasco, Robert Granger, Matthew Green, Javier Herranz, Jason Hinek, Dennis Hofheinz, Sebastiaan de Hoogh, Nick Howgrave-Graham, Malika Izabachène, David Jao, Jonathan Katz, Markulf Kohlweiss, Vladimir Kolesnikov, Ralf Kuesters, Mun-kyu Lee, Arjen Lenstra, Benoit Libert, Moses Liskov, Joseph K. Liu, Hans Loehr, Gilles Macario-Rat, Mark Manulis, Alexander May, Nicolas Méloni, Jorge Nakahara, Gregory Neven, Antonio Nicolosi, Juan Gonzalez Nieto, Claudio Orlandi, Khaled Ouafi, Sylvain Pasini, Jacques Patarin, Serdar Pehlivanoglu, Kun Peng, Tal Rabin, Carla Ràfols, Pankaj Rohatgi, Thomas Schneider, Mike Scott, Igor Semaev, Siamak Shahandashti, Haya Shulman, Alice Silverberg, Thomas Sirvent, William Skeith, Rainer Steinwandt, Qiang Tang, Joe-Kai Tsay, Raylin Tso, Borhan Uddin, Dominique Unruh, Frederik Vercauteren, Jos Villegas, Felipe Voloch, Jonathan Voris, Christian Wachsmann, Daniel Wichs, Hong-Sheng Zhou

Sponsors
Financial support by the following sponsors is gratefully acknowledged:
Microsoft Research
Google
Qualcomm
Secure Computing and Networking Center (SCONCE) at UCI (1)
California Institute for Telecommunications and Information Technology (CalIT2)
Donald Bren School of Information and Computer Science (DBSICS) at UCI (1)

(1) PKC 2009 support made possible by a grant from the Experian Corporation.

Table of Contents

Number Theory
Implicit Factoring: On Polynomial Time Factoring Given Only an Implicit Hint ... 1
  Alexander May and Maike Ritzenhofen
The Security of All Bits Using List Decoding ... 15
  Paz Morillo and Carla Ràfols
A New Lattice Construction for Partial Key Exposure Attack for RSA ... 34
  Yoshinori Aono
Subset-Restricted Random Walks for Pollard rho Method on F_{p^m} ... 54
  Minkyu Kim, Jung Hee Cheon, and Jin Hong

Applications and Protocols
Signing a Linear Subspace: Signature Schemes for Network Coding ... 68
  Dan Boneh, David Freeman, Jonathan Katz, and Brent Waters
Improving the Boneh-Franklin Traitor Tracing Scheme ... 88
  Pascal Junod, Alexandre Karlov, and Arjen K. Lenstra
Modeling Key Compromise Impersonation Attacks on Group Key Exchange Protocols ... 105
  M. Choudary Gorantla, Colin Boyd, and Juan Manuel González Nieto
Zero-Knowledge Proofs with Witness Elimination ... 124
  Aggelos Kiayias and Hong-Sheng Zhou

Multi-Party Protocols
Distributed Public-Key Cryptography from Weak Secrets ... 139
  Michel Abdalla, Xavier Boyen, Céline Chevalier, and David Pointcheval
Asynchronous Multiparty Computation: Theory and Implementation ... 160
  Ivan Damgård, Martin Geisler, Mikkel Krøigaard, and Jesper Buus Nielsen
Multi-Party Computation with Omnipresent Adversary ... 180
  Hossein Ghodosi and Josef Pieprzyk

Identity-Based Encryption
Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data ... 196
  Jan Camenisch, Markulf Kohlweiss, Alfredo Rial, and Caroline Sheedy
Anonymous Hierarchical Identity-Based Encryption with Constant Size Ciphertexts ... 215
  Jae Hong Seo, Tetsutaro Kobayashi, Miyako Ohkubo, and Koutarou Suzuki
Towards Black-Box Accountable Authority IBE with Short Ciphertexts and Private Keys ... 235
  Benoît Libert and Damien Vergnaud
Removing Escrow from Identity-Based Encryption: New Security Notions and Key Management Techniques ... 256
  Sherman S.M. Chow

Signatures
On the Theory and Practice of Personal Digital Signatures ... 277
  Ivan Damgård and Gert Læssøe Mikkelsen
Security of Blind Signatures under Aborts ... 297
  Marc Fischlin and Dominique Schröder
Security of Sanitizable Signatures Revisited ... 317
  Christina Brzuska, Marc Fischlin, Tobias Freudenreich, Anja Lehmann, Marcus Page, Jakob Schelbert, Dominique Schröder, and Florian Volk
Identification of Multiple Invalid Signatures in Pairing-Based Batched Signatures ... 337
  Brian J. Matt

Encryption
CCA-Secure Proxy Re-encryption without Pairings ... 357
  Jun Shao and Zhenfu Cao
Compact CCA-Secure Encryption for Messages of Arbitrary Length ... 377
  Masayuki Abe, Eike Kiltz, and Tatsuaki Okamoto
Verifiable Rotation of Homomorphic Encryptions ... 393
  Sebastiaan de Hoogh, Berry Schoenmakers, Boris Škorić, and José Villegas

New Cryptosystems and Optimizations
A Practical Key Recovery Attack on Basic TCHo ... 411
  Mathias Herrmann and Gregor Leander
An Algebraic Surface Cryptosystem ... 425
  Koichiro Akiyama, Yasuhiro Goto, and Hideyuki Miyake
Fast Multibase Methods and Other Several Optimizations for Elliptic Curve Scalar Multiplication ... 443
  Patrick Longa and Catherine Gebotys

Group Signatures and Anonymous Credentials
Revocable Group Signature Schemes with Constant Costs for Signing and Verifying ... 463
  Toru Nakanishi, Hiroki Fujii, Yuta Hira, and Nobuo Funabiki
An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials ... 481
  Jan Camenisch, Markulf Kohlweiss, and Claudio Soriente
Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials ... 501
  Scott Coull, Matthew Green, and Susan Hohenberger

Erratum to: Public Key Cryptography – PKC 2009 ... E1
  Stanislaw Jarecki and Gene Tsudik

Author Index ... 521