Hybrid Encryption with Certified Deletion in Preprocessing Model
Certified deletion allows Alice to outsource data to Bob and, at a later time, obtain a verifiable guarantee that the file has been irreversibly deleted at her request. The functionality, while impossible using classical information alone, can be achieved using quantum information. Existing approaches rely either on one-time pad (OTP) encryption, or on computational hardness assumptions that may be vulnerable to future advances in classical or quantum computing. In this work, we introduce and formalize hybrid encryption with certified deletion in the preprocessing model (pHE-CD) and propose two constructions. Each construction composes an information-theoretic key encapsulation mechanism (iKEM) with a data encapsulation mechanism that provides certified deletion (DEM-CD) security, offering different types of security depending on the security properties of DEM-CD. When DEM-CD is one-time information theoretically secure, the composition provides {\em information-theoretic security} for both encryption and certified deletion. When DEM-CD is computationally secure, the composed construction offers computationally secure (post-quantum) encryption and {\em everlasting certified deletion} where confidentiality is computational up to the point that the deletion certificate is verified, and after successful verification of the certificate, becomes unconditional. That is, successful verification of deletion certificate guarantees that the data has been removed information-theoretically from the adversary's view. Both pHE-CD schemes are for encryption of arbitrarily long messages. Construction 2 is key efficient and uses a DEM-CD that is constructed using quantum coding and AES, providing quantum-safe security for encryption. We discuss our results and directions for future work.