{"volume":9215,"date_updated":"2021-01-12T06:52:14Z","type":"conference","has_accepted_license":"1","conference":{"start_date":"2015-08-16","end_date":"2015-08-20","location":"Santa Barbara, CA, USA","name":"CRYPTO: International Cryptology Conference"},"doi":"10.1007/978-3-662-47989-6_29","author":[{"first_name":"Georg","full_name":"Fuchsbauer, Georg","last_name":"Fuchsbauer","id":"46B4C3EE-F248-11E8-B48F-1D18A9856A87"},{"last_name":"Jafargholi","first_name":"Zahra","full_name":"Jafargholi, Zahra"},{"orcid":"0000-0002-9139-1654","first_name":"Krzysztof Z","full_name":"Pietrzak, Krzysztof Z","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","last_name":"Pietrzak"}],"_id":"1648","alternative_title":["LNCS"],"publication_status":"published","abstract":[{"lang":"eng","text":"Generalized Selective Decryption (GSD), introduced by Panjwani [TCC’07], is a game for a symmetric encryption scheme Enc that captures the difficulty of proving adaptive security of certain protocols, most notably the Logical Key Hierarchy (LKH) multicast encryption protocol. In the GSD game there are n keys k1,..., kn, which the adversary may adaptively corrupt (learn); moreover, it can ask for encryptions Encki (kj) of keys under other keys. The adversary’s task is to distinguish keys (which it cannot trivially compute) from random. Proving the hardness of GSD assuming only IND-CPA security of Enc is surprisingly hard. Using “complexity leveraging” loses a factor exponential in n, which makes the proof practically meaningless. We can think of the GSD game as building a graph on n vertices, where we add an edge i → j when the adversary asks for an encryption of kj under ki. If restricted to graphs of depth ℓ, Panjwani gave a reduction that loses only a factor exponential in ℓ (not n). To date, this is the only non-trivial result known for GSD. In this paper we give almost-polynomial reductions for large classes of graphs. Most importantly, we prove the security of the GSD game restricted to trees losing only a quasi-polynomial factor n3 log n+5. Trees are an important special case capturing real-world protocols like the LKH protocol. Our new bound improves upon Panjwani’s on some LKH variants proposed in the literature where the underlying tree is not balanced. Our proof builds on ideas from the “nested hybrids” technique recently introduced by Fuchsbauer et al. [Asiacrypt’14] for proving the adaptive security of constrained PRFs."}],"department":[{"_id":"KrPi"}],"citation":{"chicago":"Fuchsbauer, Georg, Zahra Jafargholi, and Krzysztof Z Pietrzak. “A Quasipolynomial Reduction for Generalized Selective Decryption on Trees,” 9215:601–20. Springer, 2015. https://doi.org/10.1007/978-3-662-47989-6_29.","ista":"Fuchsbauer G, Jafargholi Z, Pietrzak KZ. 2015. A quasipolynomial reduction for generalized selective decryption on trees. CRYPTO: International Cryptology Conference, LNCS, vol. 9215, 601–620.","apa":"Fuchsbauer, G., Jafargholi, Z., & Pietrzak, K. Z. (2015). A quasipolynomial reduction for generalized selective decryption on trees (Vol. 9215, pp. 601–620). Presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA, USA: Springer. https://doi.org/10.1007/978-3-662-47989-6_29","mla":"Fuchsbauer, Georg, et al. A Quasipolynomial Reduction for Generalized Selective Decryption on Trees. Vol. 9215, Springer, 2015, pp. 601–20, doi:10.1007/978-3-662-47989-6_29.","ama":"Fuchsbauer G, Jafargholi Z, Pietrzak KZ. A quasipolynomial reduction for generalized selective decryption on trees. In: Vol 9215. Springer; 2015:601-620. doi:10.1007/978-3-662-47989-6_29","short":"G. Fuchsbauer, Z. Jafargholi, K.Z. Pietrzak, in:, Springer, 2015, pp. 601–620.","ieee":"G. Fuchsbauer, Z. Jafargholi, and K. Z. Pietrzak, “A quasipolynomial reduction for generalized selective decryption on trees,” presented at the CRYPTO: International Cryptology Conference, Santa Barbara, CA, USA, 2015, vol. 9215, pp. 601–620."},"date_created":"2018-12-11T11:53:14Z","month":"08","page":"601 - 620","project":[{"_id":"258C570E-B435-11E9-9278-68D0E5697425","grant_number":"259668","name":"Provable Security for Physical Cryptography","call_identifier":"FP7"}],"status":"public","ddc":["004"],"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","file_date_updated":"2020-07-14T12:45:08Z","oa":1,"publist_id":"5502","intvolume":" 9215","pubrep_id":"674","file":[{"file_id":"5015","creator":"system","date_updated":"2020-07-14T12:45:08Z","access_level":"open_access","relation":"main_file","file_name":"IST-2016-674-v1+1_389.pdf","date_created":"2018-12-12T10:13:31Z","checksum":"99b76b3263d5082554d0a9cbdeca3a22","file_size":505618,"content_type":"application/pdf"}],"language":[{"iso":"eng"}],"title":"A quasipolynomial reduction for generalized selective decryption on trees","quality_controlled":"1","scopus_import":1,"oa_version":"Submitted Version","ec_funded":1,"publisher":"Springer","year":"2015","tmp":{"short":"CC BY (4.0)","name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","image":"/images/cc_by.png","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode"},"day":"01","date_published":"2015-08-01T00:00:00Z","license":"https://creativecommons.org/licenses/by/4.0/"}