Secure Blind Decryption
In this paper the authors construct public key encryption schemes that admit a protocol for blindly decrypting ciphertexts. In a blind decryption protocol, a user with a ciphertext interacts with a secret keyholder such that the user obtains the decryption of the ciphertext and the keyholder learns nothing about what it decrypted. While they are not the first to consider this problem, previous works provided only weak security guarantees against malicious users. They provide, to the knowledge, the first practical blind decryption schemes that are secure under a strong CCA security definition. They prove the construction secure in the standard model under simple, well-studied assumptions in bilinear groups.