Gesellschaft fr Informatik e.V.

Lecture Notes in Informatics

BIOSIG 2009: Biometrics and Electronic Signatures P-155, 155-170 (2009).

Gesellschaft für Informatik, Bonn


Arslan Brömme, Christoph Busch, Detlef Hühnlein (eds.)

Copyright © Gesellschaft für Informatik, Bonn


Reverse public key encryption

David Naccache , Rainer Steinwandt and Moti Yung


This exposition paper suggests a new low-bandwidth publickey encryption paradigm. The construction turns a weak form of key privacy into message privacy as follows: let E be a public-key encryption algorithm. We observe that if the distributions $E(pk0, \bullet )$ and $E(pk1, \bullet )$ are indistinguishable for two public keys pk0, pk1, then a message bit b $\in {0, 1}$ can be embedded in the choice of pkb. As the roles of the public-key and the plaintext are reversed, we refer to the new mode of operation as Reverse Public-Key Encryption (rpke). We present examples of and variations on the idea and explore rpke's relationship with key privacy, and we also discuss how to employ it to enable a new implementation of deniable encryption.

Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-231-4

Last changed 24.01.2012 22:12:42