The Dual Receiver Cryptosystem and its Applications Presented by Brijesh Shetty

Overview  Dual Receiver Cryptosystem – Concept  Interesting Applications  Combined Cryptosystem  Useful Puzzle Solving

Dual Receiver Cryptosystem  Encryption Scheme  Ciphertext can be decrypted by two independent receivers!  Bilinear Diffie Hellman Assumption (based on elliptic curves)

Elliptic Curve based Discrete Log problem  Given Y = k. P and Y,P (i.e P added to itself k times) Find k ????  (P,P)---  g (Y,P)---  h  By definition of Bilinear Curve, we get h = g k [since (aP,bQ)=(P,Q) ab ] (Y,P)=(kP,P)=(P,P) k =g k

“ Key Escrow ” (in the context of Dual receiver)  An arrangement where keys needed to decrypt encrypted data must be held in escrow by a third party.  Eg. Govt. agencies can use it to decrypt messages which they suspect to be relevant to national security.

Dual Receiver Cryptosystem Ciphertext C Message m Encrypt using public keys of B and C B C A Decrypts to m C can also decrypt! C does not learn about the private keys of B or A !!

Dual Receiver Cryptosystem - The Scheme  Some Definitions  (Semantically secure) Dual Receiver Cryptosystem scheme

Definitions (Randomised algorithms)  Key Generation algorithm K(k) = (e,d) & (f,g)  Encryption algorithm E e,f (m) = c

Definitions (contd..)  Decryption Algorithm D D d,f (c) = m  Recovery Algorithm R R e,g (c) = m

Dual Receiver Cryptosystem - The Scheme  Some Definitions  (Semantically secure) Dual Receiver Cryptosystem scheme

Semantically secure Dual Receiver Cryptosystem B C A (x, xP) (y, yP) Message m Random r (u1,u2,u3) private H x is a hash fn associated with public key xP

Semantically secure Dual Receiver Cryptosystem B C A (x, xP) (y, yP) Message m Random r u1 = rP u2 = yP u3 = m+ H x ( r )

Decryption B x = x = r = xyr U3 + Hx( r ) = m

Recovery (Second Receiver) C y = y = r = xyr U3 + Hx( r ) = m

Dual Receiver Cryptosystem - The Scheme  Some Definitions  (Semantically secure) Dual Receiver Cryptosystem scheme

Overview  Dual Receiver Cryptosystem – Concept  Interesting Applications  Combined Cryptosystem  Useful Puzzle Solving

Combined Cryptosystem  We combine using a single key x  Dual Receiver Encryption  Signature

Signature (in Combined scheme)  Same key x. Hash I:{0,1} n -> G1 A B Sign the hash Message m σ = x. I(m)

Verification.. B Verify = B has m, σ If they are same both must be equal x

Combined Cryptosystem  What is so special?  Dual receiver encryption facilitates escrow of the decryption capability & non escrow of the signature capability using the same key!!  The security of either of the schemes is not compromised

Overview  Dual Receiver Cryptosystem – Concept  Interesting Applications Combined Cryptosystem  Useful Security Puzzles

Useful Security Puzzles  Application Areas When Server wants to rate-limit the clients (against DOS attacks) Lighten the server’s computational burden  Example : File Server

File Server (Security Puzzle) Client Abcde …… File Server ¤¥§~¶ ……. Ks E ke,Ka (Ks) (C1,C2) [ ] STORING FILE

File Server … (Request File) ¤¥§~¶ ……. (C1,C2) [ ] C1, P a Compute D Pa,Ke (C1) Random p C1 = E ke,Ka (p) u1 = Ks+ G(p) u2 = F(p,Ks,C1,u1) C2 = [u1,u2] G, F are hashes TD1 G(TD1)+u1 = m Check u2=F(p,m,c,u1) Client Decryption.. Computation intensive XOR and hash Dual Receiver Encrytpion

Thank you