Group encryption (GE), the encryption analog of group signatures, is a fundamental primitive that offers a privacy-preserving service for a specific receiver concealed within a group of certified users. Like other cryptographic primitives, GE constructions are always considered relative to the potential danger of quantum computations. The only existing lattice-based variant appeared in the work of Libert et al. (Asiacrypt’16). Despite its non-trivial achievement, the construction suffers in terms of efficiency due to the extensive use of lattice trapdoors. In this paper, we develop an integrated zero-knowledge argument system that is friendly to both accumulated values and hidden matrices and supports efficient designs from lattices. Based on this system, we propose efficiency enhancing GE where only group users are required to possess the lattice trapdoors and the other parties are not. In particular, we utilize lattice-based cryptographic accumulators to confirm prospective group m
Group encryption (GE) is a fundamental anonymity primitive analogue of group signature, which guarantees the decryption ability of recipients to specific ciphertexts while hiding these users within a crowd. Since its first birth by Kiayias et al., numerous constructions have been proposed, among which there is only one lattice-based scheme is post-quantum secure. However, the security of all these schemes will be damaged once an unexpected key-exposure attack occurs (which is extremely unavoidable in the real world). To solve this problem, we first consider a forward-secure group encryption primitive and provide a concrete instantiation over lattices, which efficiently mitigates the threats from both key exposure and quantum computation. The key idea is to introduce an appropriate periodical key-updating mechanism into the group encryptions to restrain any key-exposure adversary from breaking ciphertexts generated in prior time periods. Concretely, we modify the Agrawal-Boneh-Boyen HIB
Group encryption (GE) is a fundamental privacy-preserving primitive analog of group signatures, which allows users to decrypt specific ciphertexts while hiding themselves within a crowd. Since its first birth, numerous constructions have been proposed, among which the schemes separately constructed by Libert et al. (Asiacrypt 2016) over lattices and by Nguyen et al. (PKC 2021) over coding theory are post-quantum secure. Though the last scheme, at the first time, achieved the full dynamicity (allowing group users to join or leave the group in their ease) and message filtering policy, which greatly improved the state-of-affairs of GE systems, its practical applications are still limited due to the rather complicated design, inefficiency and the weaker security (secure in the random oracle model). In return, the Libert et al.’s scheme possesses a solid security (secure in the standard model), but it lacks the previous functions and still suffers from inefficiency because of extremely us