Selective opening security for receivers

Carmit Hazay, Arpita Patra, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

24 Scopus citations


In a selective opening (SO) attack an adversary breaks into a subset of honestly created ciphertexts and tries to learn information on the plaintexts of some untouched (but potentially related) ciphertexts. Contrary to intuition, standard security notions do not always imply security against this type of adversary, making SO security an important standalone goal. In this paper we study receiver security, where the attacker is allowed to obtain the decryption keys corresponding to some of the ciphertexts. First we study the relation between two existing security definitions, one based on simulation and the other based on indistinguishability, and show that the former is strictly stronger. We continue with feasibility results for both notions which we show can be achieved from (variants of) non-committing encryption schemes. In particular, we show that indistinguishability-based SO security can be achieved from a tweaked variant of non-committing encryption which, in turn, can be instantiated from a variety of basic, well-established, assumptions. We conclude our study by showing that SO security is however strictly weaker than all variants of non-committing encryption that we consider, leaving potentially more efficient constructions as an interesting open problem.

Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2015 - 21st International Conference on the Theory and Application of Cryptology and Information Security, 2015, Proceedings
EditorsJung Hee Cheon, Tetsu Iwata
PublisherSpringer Verlag
Number of pages27
ISBN (Print)9783662487969
StatePublished - 2015
Event21st International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2015 - Auckland, New Zealand
Duration: 29 Nov 20153 Dec 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference21st International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2015
Country/TerritoryNew Zealand

Bibliographical note

Funding Information:
Carmit Hazay acknowledges support from the Israel Ministry of Science and Technology (grant No. 3-10883). Arpita Patra acknowledges support from project entitled ‘ISEA - Part II’ funded by Department of Electronics and Information Technology of Govt. of India. Part of this work was carried out while Bogdan Warinschi was visiting Microsoft Research, Cambridge, UK and IMDEA, Madrid, Spain. He has been supported in part by ERC Advanced Grant ERC-2010-AdG-267188-CRIPTO, by EPSRC via grant EP/H043454/1, and has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement 609611 (PRACTICE).

Publisher Copyright:
© International Association for Cryptologic Research 2015.


  • Encryption schemes
  • Noncommitting encryption
  • Selective opening attacks


Dive into the research topics of 'Selective opening security for receivers'. Together they form a unique fingerprint.

Cite this