
























, University of Tokyo, National Institute of Advanced Industrial Science and Technology
Takahiro Matsuda, National Institute of Advanced Industrial Science and Technology
Kanta Matsuura, University of Tokyo
Sender-anamorphic encryption is a cryptographic primitive that allows a sender to covertly embed an alternative message into the ciphertext. This enables the sender to transmit the message they truly wish to send without an authority's knowledge, even if they are coerced into sending a message against their will. The concrete scenario considered here is one where the authority demands that the sender provide the public key, the plaintext, and the internal randomness used to generate the ciphertext, and then requires a proof that the coerced message was indeed encrypted correctly. Persiano et al. (Eurocrypt 2022) formulated the security of sender-anamorphic encryption to capture this situation. Building on that, Wang et al. (Asiacrypt 2023) proposed $\ell$-sender-anamorphic encryption along with its security definition. However, in the formal security definitions for sender-anamorphic encryption in these existing works, the randomness used to generate the challenge ciphertext is not given to an adversary, and thus, the potential threats are not fully accounted for. Therefore, in this study, we redefine security for sender-anamorphic encryption so that the randomness used to generate the challenge ciphertext is provided to the adversary. We then investigate whether the existing sender-anamorphic encryption schemes by Persiano et al. and Wang et al. satisfy our refined notions of security.
Note: Full version
BibTeX
@misc{cryptoeprint:2026/1070,
author = {Yuichi Tanishita and Takahiro Matsuda and Kanta Matsuura},
title = {Revisiting Security Definitions of Sender-Anamorphic Encryption},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/1070},
year = {2026},
doi = {10.1007/978-3-032-26740-5_5},
url = {https://eprint.iacr.org/2026/1070}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。