Paper title

Interactivity in Constructive Cryptography : Modeling and Applications to Updatable Encryption and Private Information Retrieval

Paper authors

Françoise Levy-dit-Vehel, Maxime Roméas

Paper abstract

In this work, we extend the Constructive Cryptography (CC) framework introduced by Maurer in 2011 so as to handle interactive protocols. We design and construct a so-called {\em Interactive Server Memory Resource} (ISMR), that is an augmented version of the basic instantiation of a client-server protocol in CC, namely the Server Memory Resource. We then apply our ISMR construction to two types of interactive cryptographic protocols for remote storage: Updatable Encryption (UE) and Private Information Retrieval (PIR). Concerning UE, our results are a composable version of those protocols, clarifying the security guarantees achieved by {\em any} UE scheme. Namely, we give the relevant security notion to consider according to a given leakage context. Letting USMR denote our ISMR adapted to the UE application, we prove that $\mathsf{IND}\text{-}\mathsf{UE}\text{-}\mathsf{CPA}$ security is sufficient for a secure construction of a confidential USMR that hides the age of ciphertexts; and $\mathsf{IND}\text{-}(\mathsf{ENC}+\mathsf{UPD})\text{-}\mathsf{CPA}$ security is sufficient for a secure construction of a confidential USMR in case of unrestricted leakage. As a consequence, contrary to what was claimed before, the $\mathsf{IND}\text{-}\mathsf{UE}$ security notion is not always stronger than the $\mathsf{IND}\text{-}(\mathsf{ENC}+\mathsf{UPD})$ one. Concerning PIR, we also give a composable version of PIR protocols, yielding a unique model that unifies different notions of PIR: IT-PIR, C-PIR, one- or multi-server PIR. Using the flexibility of CC, we are also able to model PIR variants, such as SPIR.
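To make the "age of ciphertexts" notion from the abstract concrete, the following is an added toy example (not the paper's USMR construction and not a deployable scheme): it implements the usual UE interface (key generation, encryption, decryption, update-token generation, ciphertext update) with one-time-pad-style epoch keys, so an updated ciphertext is byte-for-byte identical to a fresh encryption under the current key and therefore carries no trace of how many epochs it has lived through. Beside it sits a deliberately age-revealing variant that tags every update with a hop counter, which is the kind of leakage that distinguishes the two security contexts discussed in the abstract. All function names and the fixed 16-byte message length are assumptions of this illustration.

```python
import secrets

KEY_LEN = 16  # bytes; this toy fixes messages to one key length


def _xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length strings."""
    assert len(a) == len(b), "toy scheme requires equal-length inputs"
    return bytes(x ^ y for x, y in zip(a, b))


def keygen() -> bytes:
    """Fresh epoch key drawn from the OS CSPRNG (one key per epoch)."""
    return secrets.token_bytes(KEY_LEN)


def enc(key: bytes, msg: bytes) -> bytes:
    """Encrypt under the current epoch key (one-time-pad style)."""
    return _xor(key, msg)


def dec(key: bytes, ct: bytes) -> bytes:
    """Decrypt under the epoch key the ciphertext currently lives in."""
    return _xor(key, ct)


def token_gen(old_key: bytes, new_key: bytes) -> bytes:
    """Update token handed to the server at key rotation.

    The server applies it to stored ciphertexts without learning
    either key or any plaintext.
    """
    return _xor(old_key, new_key)


def upd(token: bytes, ct: bytes) -> bytes:
    """Move a ciphertext from the old epoch to the new one."""
    return _xor(token, ct)


# --- Age-revealing variant (constructed counter-example) ---
# The ciphertext carries a hop counter that grows with every update,
# so the server can tell an old, re-encrypted ciphertext from a fresh one.
def enc_tagged(key: bytes, msg: bytes) -> tuple:
    return (0, enc(key, msg))


def upd_tagged(token: bytes, tagged_ct: tuple) -> tuple:
    hops, ct = tagged_ct
    return (hops + 1, upd(token, ct))


def age_hidden_after_updates(msg: bytes, epochs: int = 3) -> bool:
    """Rotate keys `epochs` times; return True iff the updated ciphertext
    equals a fresh encryption under the current key and still decrypts."""
    key = keygen()
    ct = enc(key, msg)
    for _ in range(epochs):
        new_key = keygen()
        ct = upd(token_gen(key, new_key), ct)
        key = new_key
    return ct == enc(key, msg) and dec(key, ct) == msg


def visible_age_after_updates(msg: bytes, epochs: int = 3) -> int:
    """Same rotation chain with the tagged variant; return the hop counter
    an observer of the stored ciphertext can read off."""
    key = keygen()
    tagged = enc_tagged(key, msg)
    for _ in range(epochs):
        new_key = keygen()
        tagged = upd_tagged(token_gen(key, new_key), tagged)
        key = new_key
    hops, ct = tagged
    assert dec(key, ct) == msg  # correctness still holds
    return hops


if __name__ == "__main__":
    m = b"constructed-msg!"  # exactly 16 bytes, constructed sample input
    print("age hidden:", age_hidden_after_updates(m))
    print("visible hops in tagged variant:", visible_age_after_updates(m))
```

The XOR scheme is chosen only because its update equation makes the age-hiding property visible by inspection: `upd(k_old ^ k_new, m ^ k_old)` collapses to `m ^ k_new`, which is exactly `enc(k_new, m)`. Real UE schemes replace the one-time pad with a cipher whose re-randomised updates are only computationally indistinguishable from fresh ciphertexts, which is where the $\mathsf{IND}\text{-}\mathsf{UE}\text{-}\mathsf{CPA}$ notion from the abstract applies.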
