Robust key-evolving public key encryption schemes

Abstract

We propose a key-evolving paradigm to deal with the key exposure problem of public key encryption schemes. The key evolving paradigm is like the one used for forward-secure digital signature schemes. Let time be divided into time periods such that at time period j, the decryptor holds the secret key SKj, while the public key PK is fixed during its lifetime. At time period j, a sender encrypts a message m as <j, c>, which can be decrypted only with the private key SKj. When the time makes a transit from period j to j + 1, the decryptor updates its private key from SKj to SKj+1 and deletes SKj immediately. The key-evolving paradigm assures that compromise of the private key SKj does not jeopardize the message encrypted at the other time periods. We propose two key-evolving public key encryption schemes with z-resilience such that compromise of z private keys does not affect confidentiality of messages encrypted in other time periods. Assuming that the DDH problem is hard, we show one scheme semantically secure against passive adversaries and the other scheme semantically secure against the adaptive chosen ciphertext attack under the random oracle.