Portal de Periódicos da CAPES

Simulation-Sound Arguments for LWE and Applications to KDM-CCA2 Security

2020; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-3-030-64837-4_5

1611-3349

Benôıt Libert, Khoa Nguyen, Alain Passelègue, Radu Ţiţiu,

Complexity and Algorithms in Graphs

The Naor-Yung paradigm is a well-known technique that constructs IND-CCA2-secure encryption schemes by means of non-interactive zero-knowledge proofs satisfying a notion of simulation-soundness. Until recently, it was an open problem to instantiate it under the sole Learning-With-Errors ( $$\mathsf {LWE}$$ ) assumption without relying on random oracles. While the recent results of Canetti et al. (STOC'19) and Peikert-Shiehian (Crypto'19) provide a solution to this problem by applying the Fiat-Shamir transform in the standard model, the resulting constructions are extremely inefficient as they proceed via a reduction to an NP-complete problem. In this paper, we give a direct, non-generic method for instantiating Naor-Yung under the $$\mathsf {LWE}$$ assumption outside the random oracle model. Specifically, we give a direct construction of an unbounded simulation-sound NIZK argument system which, for carefully chosen parameters, makes it possible to express the equality of plaintexts encrypted under different keys in Regev's cryptosystem. We also give a variant of our argument that provides tight security. As an application, we obtain an $$\mathsf {LWE}$$ -based public-key encryption scheme for which we can prove (tight) key-dependent message security under chosen-ciphertext attacks in the standard model.