Almost Tightly-Secure Re-randomizable and Replayable CCA-Secure Public Key Encryption

Re-randomizable Replayable CCA-secure public key encryption (Rand-RCCA PKE) schemes guarantee security against chosenciphertext attacks while ensuring the useful property of re-randomizable ciphertexts. We introduce the notion of multi-user and multi-ciphertext Rand-RCCAPKE and we give the first construction of such a PKE scheme with an almost tight security reduction to a standard assumption. Our construction is structure preserving and can be instantiated over Type-1 pairing groups. Technically, our work borrows ideas from the state-of-the-art Rand-RCCA PKE scheme of Faonio et al. (ASIACRYPT'19) and the adaptive partitioning technique of Hofheinz (EUROCRYPT'17). Additionally, we show (1) how to turn our scheme into a publicly verifiable (pv) Rand-RCCA scheme and (2) that plugging our pv-Rand-RCCA PKE scheme into the MixNet protocol of Faonio et al. we can obtain the first almost tightly-secure MixNet protocol.