fmouhart/thesis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Conclusion

Browse Source
This commit is contained in:
Fabrice Mouhartem
2018-06-19 17:45:22 +02:00
parent 444641891c
commit 8df352c71b
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
chap-conclusion.tex
View File

@ -68,7 +68,10 @@ Thus, a natural question may be:
For instance, in the group encryption scheme of~\cref{ch:ge-lwe}, trapdoors are used in two places.
To have a secure public key encryption scheme under adaptive chosen-ciphertext attacks and for the signature scheme.
Both these primitives are induced by identity-based encryption: the Canetti-Halevi-Katz transform generically turns an IBE into a \textsf{IND-CCA2} \PKE~\cite{CHK04}, and signatures are directly implied from \textsf{IND-CPA-}secure IBE~\cite{BF01,BLS01}.
Actually, even the question of having a trapdoorless \textsf{IND-CCA2} public key encryption scheme still remains an open question.
%Actually, even the question of having a trapdoorless \textsf{IND-CCA2} public key encryption scheme still remains an open question.
Actually, a recent construction from Brakerski, Lombardi, Segev and Vaikuntanathan~\cite{BLSV18} gives a candidate which relies on garble circuits, and is fairly inefficient compared to IBEs with trapdoors.
Even the question of an \textsf{IND-CCA2} public key encryption still does not have a satisfactory response.
The construction of Peikert and Waters~\cite{PW08} is indeed trapdoor-free, but is still less efficient than trapdoor-based ones.
\begin{question}
Can we achieve better security proofs for cryptographic schemes?