7

A deterministic encryption scheme is a cryptosystem which always produces the same ciphertext for a given plaintext and key, even over separate executions of the encryption algorithm.

Although we cannot achieve semantic security or indistinguishability for deterministic encryption due to lack of randomness in cipher text, there is an analysis of maximum possible security for deterministic encryption.

I could not understand much from these papers though. Can somebody say what that means in simple terms? How can we achieve it, if we want to implement it? I suppose I need deterministic encryption because I want to be able to search on the ciphertext.

The papers I tried to understand:

Paŭlo Ebermann
  • 22,946
  • 7
  • 82
  • 119
sashank
  • 6,234
  • 4
  • 36
  • 68

2 Answers2

6

You might be limiting yourself at the wrong aspect there.

Your goal is the ability to search on ciphertext; and you just look at deterministic encryption in your set of tools.

In order to use DE securely, the messagespace HAS TO contain enough entropy in order to protect from brute-force search. The only way to solve this is adding entropy at random either in the encryption process and/or the message (e.g. extend message by a couple of random bits at the start).

But what you actually want is "Searchable Encryption", google scholar will help you out. For example Abdalla et al. published "Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions" and Boneh et al. published "Public Key Encryption with Keyword Search". However, I don't know if there are any implementations of these schemes, and probably they are quite huge: PEKS based on IBE, which is based on pairings in elliptic curves.

tylo
  • 12,864
  • 26
  • 40
0

Since determnistic encryption can not achieve semantic security with indistinguishability in mind the theory says that we assume the underlying plaintext to have enough high-min entropy such that they are not easily gueassable

curious
  • 6,280
  • 6
  • 34
  • 48