Lecture Notes in Computer Science 7778
Commenced Publication in 1973
Founding and Former Series Editors:
Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen
Editorial Board
David Hutchison
Lancaster University, UK
Takeo Kanade
Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler
University of Surrey, Guildford, UK
Jon M. Kleinberg
Cornell University, Ithaca, NY, USA
Alfred Kobsa
University of California, Irvine, CA, USA
Friedemann Mattern
ETH Zurich, Switzerland
John C. Mitchell
Stanford University, CA, USA
Moni Naor
Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz
University of Bern, Switzerland
C. Pandu Rangan
Indian Institute of Technology, Madras, India
Bernhard Steffen
TU Dortmund University, Germany
Madhu Sudan
Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos
University of California, Los Angeles, CA, USA
Doug Tygar
University of California, Berkeley, CA, USA
Gerhard Weikum
Max Planck Institute for Informatics, Saarbruecken, Germany
Kaoru Kurosawa, Goichiro Hanaoka (Eds.)
Public-Key Cryptography – PKC 2013
16th International Conference on Practice and Theory in Public-Key Cryptography
Nara, Japan, February 26 – March 1, 2013
Proceedings
Volume Editors
Kaoru Kurosawa
Ibaraki University
Department of Computer and Information Sciences
4-12-1 Nakanarusawa, Hitachi, Ibaraki 316-8511, Japan
E-mail: [email protected]
Goichiro Hanaoka
National Institute of Advanced Industrial Science and Technology (AIST)
Research Institute for Secure Systems (RISEC)
1-1-1 Umezono, Tsukuba, Ibaraki 305-8568, Japan
E-mail: [email protected]
ISSN 0302-9743 e-ISSN 1611-3349
ISBN 978-3-642-36361-0 e-ISBN 978-3-642-36362-7
DOI 10.1007/978-3-642-36362-7
Springer Heidelberg Dordrecht London New York
Library of Congress Control Number: 2013930237
CR Subject Classification (1998): E.3, K.6.5, E.4, K.4.4, C.2.0, D.4.6, J.1
LNCS Sublibrary: SL 4 – Security and Cryptology
© International Association for Cryptologic Research 2013
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.
The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)
Preface
PKC 2013 was held at the Nara Prefectural New Public Hall in Nara, Japan, during February 26–March 1, 2013. The conference was sponsored by the International Association for Cryptologic Research (IACR).

The conference received 97 submissions (from which one submission was withdrawn), and each submission was reviewed by at least three of the 30 Program Committee members. Submissions co-authored by the Program Committee members were reviewed by at least five committee members. Committee members were allowed to submit at most one paper, or two if the second one was co-authored by a student.

Due to the large number of high-quality submissions, the review process was a challenging and hard task. After 11 weeks of extensive discussions, the Program Committee selected 28 submissions for presentation. The program also included two invited talks: “Functional Encryption: Origins and Recent Developments” given by Brent Waters, and “Techniques for Efficient Secure Computation Based on Yao’s Protocol” given by Yehuda Lindell. On behalf of the Program Committee, I would like to thank Brent and Yehuda for accepting our invitation.

There are many people who contributed to the success of PKC 2013. I would like to thank many authors from all over the world for submitting their papers. I am deeply grateful to the Program Committee for their hard work to ensure that each paper received a thorough and fair review. I gratefully acknowledge the external reviewers listed on the following pages. The committee’s work was tremendously simplified by Shai Halevi’s submission/review software. Finally, many thanks go to the General Chair, Goichiro Hanaoka, for organizing the conference.
March 2013 Kaoru Kurosawa
Organization
General Chair
Goichiro Hanaoka National Institute of Advanced Industrial
Science and Technology (AIST), Japan
Program Chair
Kaoru Kurosawa Ibaraki University, Japan
Local Organizing Co-chairs
Takeshi Chikazawa Information-technology Promotion Agency (IPA), Japan
Ryo Nojima National Institute of Information and Communications Technology (NICT), Japan
Program Committee
Nuttapong Attrapadung AIST, Japan
David Cash Rutgers University, USA
Jean-Sebastien Coron University of Luxembourg, Luxembourg
Jintai Ding University of Cincinnati, USA
Stefan Dziembowski Uniwersytet Warszawski, Poland and Università di Roma “La Sapienza”, Italy
Marc Fischlin Technische Universität Darmstadt, Germany
Pierre-Alain Fouque École Normale Supérieure, France
Steven Galbraith Auckland University, New Zealand
Rosario Gennaro City College of New York, USA
Dov Gordon Applied Communication Sciences, USA
Shai Halevi IBM Research, USA
Carmit Hazay Bar-Ilan University, Israel
Tibor Jager Ruhr-Universität Bochum, Germany
Antoine Joux DGA and Université de Versailles Saint-Quentin-en-Yvelines, France
Eike Kiltz Ruhr-Universität Bochum, Germany
Noboru Kunihiro The University of Tokyo, Japan
Kaoru Kurosawa Ibaraki University, Japan
Allison Lewko Microsoft Research, USA
Benoit Libert Technicolor, France
Alexander May Ruhr-Universität Bochum, Germany
David Naccache École Normale Supérieure, France
Tatsuaki Okamoto NTT Labs, Japan
Claudio Orlandi Aarhus University, Denmark
Chris Peikert Georgia Institute of Technology, USA
Ludovic Perret UPMC/INRIA, France
Nigel Smart University of Bristol, UK
Tsuyoshi Takagi Kyushu University, Japan
Katsuyuki Takashima Mitsubishi Electric, Japan
Vinod Vaikuntanathan University of Toronto, Canada
Hoeteck Wee George Washington University, USA
Steering Committee
Ronald Cramer CWI, The Netherlands
Yvo Desmedt The University of Texas at Dallas, USA
Hideki Imai Chuo University, Japan
David Naccache École Normale Supérieure, France
Tatsuaki Okamoto NTT Labs, Japan
David Pointcheval École Normale Supérieure, France
Moti Yung Google and Columbia University, USA
Yuliang Zheng University of North Carolina, USA
External Reviewers
Masayuki Abe, Roberto Araujo, Gilad Asharov, John Baena, Rana Barua, Mihir Bellare, David Bernhard, Nir Bitansky, Olivier Blazy, Colin Boyd, Elette Boyle, Zvika Brakerski, Christina Brzuska, Jan Camenisch, Angelo De Caro, Sanjit Chatterjee, Jie Chen, Ashish Choudhury, Sherman Chow, Ran Cohen, Craig Costello, Giovanni Di Crescenzo, Christophe Doche, Léo Ducas, Konrad Durnoga, Sebastian Faust, Nelly Fazio, Dario Fiore, Robert Fitzpatrick, David Mandell Freeman, Georg Fuchsbauer, Jun Furukawa, Sanjam Garg, Sergey Gorbunov, Jens Groth, Takuya Hayashi, Gottfried Herold, Dennis Hofheinz, William Skeith III, Sorina Ionica, Akinori Kawachi, Yutaka Kawai, Marcel Keller, Aggelos Kiayias, David Kohel, Hugo Krawczyk, Fabien Laguillaumie, Fagen Li, Joseph Liu, Zhen Hua Liu, Patrik Longa, Adriana Lopez-Alt, Vadim Lyubashevsky, Mark Manulis, Ben Martin, Takahiro Matsuda, Payman Mohassel, Daisuke Moriyama, Ciaran Mullan, Ryo Nishimaki, Adam O’Neill, Dan Page, Jiaxin Pan, Valerio Pastro, Kenny Paterson, Arpita Patra, Thomas Peters, Christophe Petit, Le Trieu Phong, Krzysztof Pietrzak, David Pointcheval, Mike Rosulek, Dominique Schroeder, Jacob Schuldt, Jae Hong Seo, Victor Shoup, Thomas Sirvent, Ron Steinfeld, Mario Strefler, Koutarou Suzuki, Chendong Tao, Boaz Tsaban, Alexander Ushakov, Daniele Venturi, Frederik Vercauteren, Damien Vergnaud, Bogdan Warinschi, Daniel Wichs, Douglas Wikström, David Wilson, Keita Xagawa, Shota Yamada, Zheng Yang, Takanori Yasuda, Arkady Yerukhimovich, Kazuki Yoneyama, Reo Yoshida, Ching-hua Yu, Jean-Christophe Zapalowicz, Hila Zarosim, Hui Zhang, Mingwu Zhang, Rui Zhang, Youwen Zhu, Angela Zottarel
Sponsors
International Association for Cryptologic Research (IACR), National Institute of Advanced Industrial Science and Technology (AIST), Japan, Information-technology Promotion Agency, Japan (IPA), and National Institute of Information and Communications Technology (NICT), Japan
Table of Contents
Homomorphic Encryption
Packed Ciphertexts in LWE-Based Homomorphic Encryption .......... 1
Zvika Brakerski, Craig Gentry, and Shai Halevi
Feasibility and Infeasibility of Adaptively Secure Fully Homomorphic
Encryption...................................................... 14
Jonathan Katz, Aishwarya Thiruvengadam, and Hong-Sheng Zhou
Chosen Ciphertext Secure Keyed-Homomorphic Public-Key
Encryption...................................................... 32
Keita Emura, Goichiro Hanaoka, Go Ohtake,
Takahiro Matsuda, and Shota Yamada
Invited Talk (1)
Functional Encryption: Origins and Recent Developments ............. 51
Brent Waters
Primitives
Vector Commitments and Their Applications ........................ 55
Dario Catalano and Dario Fiore
Efficient, Adaptively Secure, and Composable Oblivious Transfer
with a Single, Global CRS ........................................ 73
Seung Geol Choi, Jonathan Katz, Hoeteck Wee, and
Hong-Sheng Zhou
Cryptography Using Captcha Puzzles............................... 89
Abishek Kumarasubramanian, Rafail Ostrovsky,
Omkant Pandey, and Akshay Wadia
Improved Zero-Knowledge Proofs of Knowledge for the ISIS Problem,
and Applications................................................. 107
San Ling, Khoa Nguyen, Damien Stehlé, and Huaxiong Wang
Functional Encryption/Signatures
Decentralized Attribute-Based Signatures ........................... 125
Tatsuaki Okamoto and Katsuyuki Takashima
On the Semantic Security of Functional Encryption Schemes .......... 143
Manuel Barbosa and Pooya Farshim
Attribute-Based Encryption with Fast Decryption.................... 162
Susan Hohenberger and Brent Waters
On RSA
Recovering RSA Secret Keys from Noisy Key Bits with Erasures
and Errors ...................................................... 180
Noboru Kunihiro, Naoyuki Shinohara, and Tetsuya Izu
Combined Attack on CRT-RSA: Why Public Verification Must Not Be
Public? ......................................................... 198
Guillaume Barbu, Alberto Battistello, Guillaume Dabosville,
Christophe Giraud, Guénaël Renault, Soline Renner, and
Rina Zeitoun
IBE and IPE
Revocable Identity-Based Encryption Revisited: Security Model
and Construction ................................................ 216
Jae Hong Seo and Keita Emura
Improved (Hierarchical) Inner-Product Encryption from Lattices....... 235
Keita Xagawa
Invited Talk (2)
Techniques for Efficient Secure Computation Based on Yao’s
Protocol ........................................................ 253
Yehuda Lindell
Key Exchange
Non-Interactive Key Exchange..................................... 254
Eduarda S.V. Freire, Dennis Hofheinz, Eike Kiltz, and
Kenneth G. Paterson
Efficient UC-Secure Authenticated Key-Exchange for Algebraic
Languages ...................................................... 272
Fabrice Ben Hamouda, Olivier Blazy, Céline Chevalier,
David Pointcheval, and Damien Vergnaud
Signature Schemes I
Tighter Reductions for Forward-Secure Signature Schemes ............ 292
Michel Abdalla, Fabrice Ben Hamouda, and David Pointcheval
Tagged One-Time Signatures: Tight Security and Optimal Tag Size .... 312
Masayuki Abe, Bernardo David, Markulf Kohlweiss,
Ryo Nishimaki, and Miyako Ohkubo
Encryption
Key Encapsulation Mechanisms from Extractable Hash Proof Systems,
Revisited ....................................................... 332
Takahiro Matsuda and Goichiro Hanaoka
Robust Encryption, Revisited ..................................... 352
Pooya Farshim, Benoît Libert, Kenneth G. Paterson, and
Elizabeth A. Quaglia
Sender-Equivocable Encryption Schemes Secure against Chosen-
Ciphertext Attacks Revisited ...................................... 369
Zhengan Huang, Shengli Liu, and Baodong Qin
Signature Schemes II
Efficient Completely Context-Hiding Quotable and Linearly
Homomorphic Signatures ......................................... 386
Nuttapong Attrapadung, Benoît Libert, and Thomas Peters
Verifiably Encrypted Signatures with Short Keys Based on
the Decisional Linear Problem and Obfuscation for Encrypted VES .... 405
Ryo Nishimaki and Keita Xagawa
Sequential Aggregate Signatures with Short Public Keys: Design,
Analysis and Implementation Studies............................... 423
Kwangsu Lee, Dong Hoon Lee, and Moti Yung
New Constructions and Applications of Trapdoor DDH Groups ........ 443
Yannick Seurin
Protocols
Rate-Limited Secure Function Evaluation: Definitions
and Constructions ............................................... 461
Özgür Dagdelen, Payman Mohassel, and Daniele Venturi